40 changed files with 1689 additions and 3080 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -1,12 +0,0 @@
 version: 2
 updates:
  - package-ecosystem: github-actions
    directory: "/"
    schedule:
      interval: daily
      time: "04:00"
    reviewers:
      - "waja"
    pull-request-branch-name:
      separator: "-"
    open-pull-requests-limit: 10
--- a/.github/workflows/packaging_test.yml
+++ b/.github/workflows/packaging_test.yml
@ -1,36 +0,0 @@
 name: Packaging Test
 on:
  push:
    branches:
      - $default-branch
      - development
      - master
  # Run tests for any PRs
  pull_request:
 env:
  SOURCE_DIR: ./
  ARTIFACTS_DIR: debian/build/release/
 jobs:
  test:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
      env:
        DEBIAN_FRONTEND: "noninteractive"
    - name: Remove github artefacts
      run: |
        rm -rf .github*
    - name: Adjust distibution in changelog file
      run: |
        sed -i '0,/restricted/s//stable/' debian/changelog
    - name: Build Debian package
      uses: dawidd6/action-debian-package@v1.5.0
      with:
        artifacts_directory: debian/build/release/
        os_distribution: testing
    - name: Debug
      run: |
        ls -la
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -1,71 +0,0 @@
 on:
  push:
    # Sequence of patterns matched against refs/tags
    tags:
      - 'debian/*' # Push events to matching debian/*, i.e. debian/1.0-2, debian/20.15.10, debian/23.20020326
 name: Release Process
 env:
  SOURCE_DIR: ./
  ARTIFACTS_DIR: debian/build/release/
 jobs:
  create-release:
    name: Create Release
    runs-on: ubuntu-latest
    outputs:
      release-id: ${{ steps.create_release.outputs.id }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Install needed packages
        run: |
          if [ $(dpkg -l | grep -c dpkg-dev) -ne 1 ]; then sudo apt-get update && sudo apt-get install -y dpkg-dev; fi
      - name: Gather changelog
        run: |
          ls -la
          dpkg-parsechangelog | tail -n +9 > debian.changelog
      - name: Create Release
        id: create_release
        uses: actions/create-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
        with:
          tag_name: ${{ github.ref }}
          release_name: Release ${{ github.ref }}
          body_path: debian.changelog
          draft: false
          prerelease: false
  build:
    name: Build and upload packages
    needs: create-release
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
      env:
        DEBIAN_FRONTEND: "noninteractive"
    - name: Remove github artefacts
      run: |
        rm -rf .github*
    - name: Adjust distibution in changelog file
      run: |
        sed -i '0,/restricted/s//stable/' debian/changelog
    - name: Build Debian package
      uses: dawidd6/action-debian-package@v1.5.0
      with:
        artifacts_directory: debian/build/release/
        os_distribution: testing
 #    - name: Build Debian package
 #      uses: pi-top/action-debian-package@v0.2.0
 #      with:
 #        artifacts_directory: debian/build/release/
 #        target_architectures: "amd64,i386"
    - name: Upload the artifacts
      uses: skx/github-action-publish-binaries@release-2.0
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      with:
        releaseId: ${{ needs.create-release.outputs.release-id }}
        args: debian/build/release/*
--- a/.travis.yml
+++ b/.travis.yml
@ -1,32 +0,0 @@
 dist: xenial
 sudo: required
 env:
  - TRAVIS_DEBIAN_DISTRIBUTION=unstable TRAVIS_DEBIAN_MIRROR="http://httpredir.debian.org/debian/" TRAVIS_DEBIAN_SECURITY_UPDATES=false
  - TRAVIS_DEBIAN_DISTRIBUTION=testing  TRAVIS_DEBIAN_MIRROR="http://httpredir.debian.org/debian/"
  - TRAVIS_DEBIAN_DISTRIBUTION=stable   TRAVIS_DEBIAN_MIRROR="http://httpredir.debian.org/debian/"
 services:
  - docker
 before_script:
  # fetch all tags (not done due travis cloning with depth=50)
  - git fetch --tags
 script:
  # build the debian package
  - wget -O- http://travis.debian.net/script.sh | sh -
 after_script:
  # run lintian after build
  - sudo add-apt-repository -y ppa:waja/trusty-backports
  - sudo apt-get update -qq
  - sudo apt-get install -qq --no-install-recommends lintian
  - lintian --info --display-info --display-experimental --pedantic --show-overrides ../*.deb && lintian --info --display-info --display-experimental --pedantic --show-overrides ../*.dsc
 #notifications:
 #  email: false
 branches:
  except:
    - /^debian\/\d/
--- a/debian/.gitlab-ci.yml
+++ b/debian/.gitlab-ci.yml
@ -1,14 +0,0 @@
 include:
 - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml
 - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml
 variables:
 RELEASE: 'unstable'
 SALSA_CI_DISABLE_APTLY: 0
 SALSA_CI_DISABLE_AUTOPKGTEST: 1
 SALSA_CI_DISABLE_BLHC: 0
 SALSA_CI_DISABLE_LINTIAN: 0
 SALSA_CI_DISABLE_PIUPARTS: 1
 SALSA_CI_DISABLE_REPROTEST: 1
 SALSA_CI_DISABLE_BUILD_PACKAGE_ALL: 0
 SALSA_CI_DISABLE_BUILD_PACKAGE_ANY: 0
--- a/debian/bin/github-release.sh
+++ b/debian/bin/github-release.sh
@ -1,188 +0,0 @@
 #!/bin/bash
 # Copyright (c) 2014 Terry Burton
 #
 # https://github.com/terryburton/travis-github-release
 #
 # Permission is hereby granted, free of charge, to any
 # person obtaining a copy of this software and associated
 # documentation files (the "Software"), to deal in the
 # Software without restriction, including without
 # limitation the rights to use, copy, modify, merge,
 # publish, distribute, sublicense, and/or sell copies of
 # the Software, and to permit persons to whom the Software
 # is furnished to do so, subject to the following
 # conditions:
 #
 # The above copyright notice and this permission notice
 # shall be included in all copies or substantial portions
 # of the Software.
 #
 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
 # KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO
 # THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
 # PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 # THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
 # DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
 # CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 # CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 # IN THE SOFTWARE.
 # This script provides a simple continuous deployment
 # solution that allows Travis CI to publish a new GitHub 
 # release and upload assets to it whenever a tag is pushed:
 # git tag; git push --tags
 #
 # It is created as a temporary solution whilst we wait for
 # Travis DPL to support GitHub:
 #
 # https://github.com/travis-ci/dpl
 #
 # Place this script somewhere in your project repository (perhaps by forking
 # the github-travis-release repo and adding your fork as a git submodule) then
 # put something like this to your .travis.yml:
 #
 # after_success: .travis/github-release.sh "$TRAVIS_REPO_SLUG" "`head -1 src/VERSION`" build/release/*
 #
 # The first argument is your repository in the format
 # "username/repository", which Travis provides in the
 # TRAVIS_REPO_SLUG environment variable.
 #
 # The second argument is the release version which as a
 # sanity check should match the tag that you are releasing.
 # You could pass "`git describe`" to satisfy this check.
 #
 # The remaining arguments are a list of asset files that you
 # want to publish along with the release.
 #
 # The script requires that you create a GitHub OAuth access
 # token to facilitate the upload:
 #
 # https://help.github.com/articles/creating-an-access-token-for-command-line-use
 #
 # You must pass this securely in the GITHUBTOKEN environment
 # variable:
 #
 # http://docs.travis-ci.com/user/encryption-keys/
 #
 # For testing purposes you can create a local convenience
 # file in the script directory called GITHUBTOKEN that sets
 # the GITHUBTOKEN environment variable. If you do so you MUST
 # ensure that this doesn't get pushed to your repository,
 # perhaps by adding it to a .gitignore file.
 #
 # Should you get stuck then look at a working example. This
 # code is being used by Barcode Writer in Pure PostScript
 # for automated deployment:
 #
 # https://github.com/terryburton/postscriptbarcode
 set -e
 REPO=$1 && shift
 RELEASE=$1 && shift
 RELEASEFILES=$@
 if ! TAG=`git describe --exact-match --tags 2>/dev/null`; then
  echo "This commit is not a tag so not creating a release"
  exit 0
 fi
 if [ "$TRAVIS" = "true" ] && [ -z "$TRAVIS_TAG" ]; then
  echo "This build is not for the tag so not creating a release"
  exit 0
 fi
 if [ "$TRAVIS" = "true" ] && [ "$TRAVIS_TAG" != "$RELEASE" ]; then
  echo "Error: TRAVIS_TAG ($TRAVIS_TAG) does not match the indicated release ($RELEASE)"
  exit 1
 fi
 if [ "$TAG" != "$RELEASE" ]; then
  echo "Error: The tag ($TAG) does not match the indicated release ($RELEASE)"
  exit 1
 fi
 if [[ -z "$RELEASEFILES" ]]; then
  echo "Error: No release files provided"
  exit 1
 fi
 SCRIPTDIR=`dirname $0`
 [ -e "$SCRIPTDIR/GITHUBTOKEN" ] && . "$SCRIPTDIR/GITHUBTOKEN"
 if [[ -z "$GITHUBTOKEN" ]]; then
  echo "Error: GITHUBTOKEN is not set"
  exit 1
 fi
 echo "Creating GitHub release for $RELEASE"
 echo -n "Create draft release... "
 JSON=$(cat <<EOF
 {
  "tag_name":         "$TAG",
  "target_commitish": "master",
  "name":             "$TAG: New release",
  "draft":            true,
  "prerelease":       false
 }
 EOF
 )
 RESULT=`curl -s -w "\n%{http_code}\n"     \
  -H "Authorization: token $GITHUBTOKEN"  \
  -d "$JSON"                              \
  "https://api.github.com/repos/$REPO/releases"`
 if [ "`echo "$RESULT" | tail -1`" != "201" ]; then
  echo FAILED
  echo "$RESULT" 
  exit 1
 fi 
 RELEASEID=`echo "$RESULT" | sed -ne 's/^  "id": \(.*\),$/\1/p'`
 if [[ -z "$RELEASEID" ]]; then
  echo FAILED
  echo "$RESULT" 
  exit 1
 fi
 echo DONE
 for FILE in $RELEASEFILES; do
  if [ ! -f $FILE ]; then
    echo "Warning: $FILE not a file"
    continue
  fi
  FILESIZE=`stat -c '%s' "$FILE"`
  FILENAME=`basename $FILE`
  echo -n "Uploading $FILENAME... "
  RESULT=`curl -s -w "\n%{http_code}\n"                   \
    -H "Authorization: token $GITHUBTOKEN"                \
    -H "Accept: application/vnd.github.manifold-preview"  \
    -H "Content-Type: application/zip"                    \
    --data-binary "@$FILE"                                \
    "https://uploads.github.com/repos/$REPO/releases/$RELEASEID/assets?name=$FILENAME&size=$FILESIZE"`
  if [ "`echo "$RESULT" | tail -1`" != "201" ]; then
    echo FAILED
    echo "$RESULT" 
    exit 1
  fi
  echo DONE
 done 
 echo -n "Publishing release... "
 JSON=$(cat <<EOF
 {
  "draft": false
 }
 EOF
 )
 RESULT=`curl -s -w "\n%{http_code}\n"     \
  -X PATCH                                \
  -H "Authorization: token $GITHUBTOKEN"  \
  -d "$JSON"                              \
  "https://api.github.com/repos/$REPO/releases/$RELEASEID"`
 if [ "`echo "$RESULT" | tail -1`" = "200" ]; then
  echo DONE
 else
  echo FAILED
  echo "$RESULT" 
  exit 1
 fi 
--- a/debian/changelog
+++ b/debian/changelog
@ -1,298 +0,0 @@
 postfwd (1.35-9) UNRELEASED; urgency=medium
  * 
 -- Jan Wagner <waja@cyconet.org>  Mon, 23 Jan 2023 12:43:03 +0000
 postfwd (1.35-8) unstable; urgency=medium
  * [d32c972] d/watch: Update to new url scheme
  * [47e9ee0] Bump debhelper from old 12 to 13.
  * [cac0b96] Bump Standards-Version to 4.6.2
  * [98d8062] Update watch file format version to 4.
  * [7ba39f1] Drop lsb-base, sysvinit-utils is essential
  * [be975fb] Set Rules-Requires-Root: no.
 -- Jan Wagner <waja@cyconet.org>  Mon, 23 Jan 2023 12:40:57 +0000
 postfwd (1.35-7) unstable; urgency=medium
  * [f2a169d] Use secure copyright file specification URI.
  * [270413d] Use secure URI in Homepage field.
  * [1563d38] d/source/options: Adding .github to diff ignore
  * [f32e604] Adding d/.gitlab-ci.yml
  * [94f95bc] Adding Dependabot config
  * [b16de77] Do not remove .git* anymore
  * [4926505] ci: pin action versions
  * [d0ecd91] d/rules: Calling dh_installsystemd (Closes: #994901)
 -- Jan Wagner <waja@cyconet.org>  Tue, 28 Sep 2021 13:28:53 +0200
 postfwd (1.35-6) unstable; urgency=medium
  * [1446da0] Fix initscript (Closes: #942414)
  * [3abd7a4] Bump Standards-Version to 4.5.1.0, no changes needed
  * [27de180] Adding Github CI
  * [a282d29] d/control: Raise compat level to 12
 -- Jan Wagner <waja@cyconet.org>  Wed, 06 Jan 2021 21:49:07 +0100
 postfwd (1.35-5) unstable; urgency=medium
  * [217213b] Adding systemd unit file
  * [8e419b4] Add a bit documentation about systemd (and sysvinit)
  * [62139a7] travis-ci: Use xenial image
  * [ac0ac42] d/control: Bump Standards-Version to 4.3.0, no changes needed
  * [e438455] d/postfwd.postrm: detect existens of command by which and
    not 'test -x'
 -- Jan Wagner <waja@cyconet.org>  Thu, 24 Jan 2019 09:37:19 +0100
 postfwd (1.35-4) unstable; urgency=medium
  * [e8799d3] travis-ci: don't install build-deps manual
  * [c86c540] travis-ci: build package with dpkg-buildpackage
  * [07e9eeb] travis-ci: Initial support for uploading releases to github
  * [231a90f] Merging upstream changes of github-release.sh
  * [b832cd0] Updating copyright and author of debian/bin/github-release.sh
  * [5e353b5] debian/control: reformating with warp-and-sort
  * [3862572] Reformating with warp-and-sort the rest of debian/
  * [d4687ee] travis-ci: grab actual used upstream version
  * [4d0d01d] travis-ci: Adding required arguments for trusty
  * [11da7ca] travis-ci: automatically install dependencies
  * [7ad8c99] d/control: Bump Standards-Version to 3.9.8, no changes needed
  * [80b011c] d/control: Depend on lsb-base
  * [583a10d] travis-ci: Make use of travis.d.n
 -- Jan Wagner <waja@cyconet.org>  Mon, 05 Dec 2016 11:50:27 +0100
 postfwd (1.35-3) unstable; urgency=medium
  * [965e0d7] Remove shiped html files from binaries
  * [17c1925] Bump Standards-Version to 3.9.6, no changes needed
 -- Jan Wagner <waja@cyconet.org>  Mon, 13 Oct 2014 15:02:11 +0200
 postfwd (1.35-2) unstable; urgency=low
  * Migrate over example installation to postfwd.examples
  * Add plugins/*.sample to examples
  * [6f4f77b] Remove generated hapolicy manpage in clean target
  * [05ca589] Updating standards version to 3.9.4, no changes needed
  * [bb64a82] Source init functions in init script
  * [5d8b250] Update Vcs-headers
  * [0df5d0a] Updating standards version to 3.9.5, no changes needed
  * [86f8f61] Add travis-ci config
  * [010082b] Remove unneeded purge from travis config
  * [7542e86] Reorder and comment .travis.yml
  * [7025f4f] Add lintian checks after build
  * [ddbfcc0] Update to recent copyright format
  * [b9b503e] Move samples into /usr/share/doc/postfwd/examples
  * [1e7c202] Add 10_fix_wording_manpages.patch to fix manpages
  * [f7da50f] travis-ci: Remove dpatch from build-deps
  * [dd5f01d] Add 20_fix_postfwd1_default_umask.patch to fix postfwd default
    umask (Closes: #717607), thanks Jesse Norell
  * [172a432] Fix bug report source format move
 -- Jan Wagner <waja@cyconet.org>  Sun, 09 Mar 2014 23:43:28 +0100
 postfwd (1.35-1) unstable; urgency=low
  * New upstream release
   - fixed fixed taint mode logging error
   - check_* functions use print/getline instead of send/recv for large
     --dumpcache output
   - log_* routines added to allow the same plugins for postfwd1 and postfwd2
   - added more information when using --debug=cleanup
   - new sendmail(sendmail-path::from::to::subject::body) action
   - rate(), size() and rcpt() function index is now case insensitive by
     default
   - fixed segfault when using new perl versions (Closes: #697653)
 -- Jan Wagner <waja@cyconet.org>  Wed, 22 May 2013 14:49:15 +0200
 postfwd (1.33-1) UNRELEASED; urgency=low
  * New upstream release
   - fixed bug when computing scores with more than 1 digit after the "."
   - fixed bug when computing negative values with the set action
   - ITEMS plugins returning zero values were handled incorrectly
   - max command recursion was not reset for each rule
   - fixed warning about use of (uninitialized value) when STORABLE
     is available but no cache file was defined (Closes: #697657)
  * Fix comment in /etc/default/postfwd (Closes: #679924), thanks Jeroen
    Koekkoek
  * Fix typo in README.Debian (closes: #691242), thanks Axel Beckert
 -- Jan Wagner <waja@cyconet.org>  Thu, 29 Mar 2012 20:31:17 +0200
 postfwd (1.32-2) unstable; urgency=low
  * Switch over to packaging format 3.0 (quilt) (Closes: #664368)
  * Updating standards version to 3.9.3, no changes needed
  * Remove build-dependency of dpatch
  * Use dh_prep instead of dh_clean -k
  * Add build-arch and build-indep targets to debian/rules
 -- Jan Wagner <waja@cyconet.org>  Thu, 29 Mar 2012 20:22:17 +0200
 postfwd (1.32-1) unstable; urgency=low
  * New upstream release
   - new option --save_rates=<file> is able to load and save rate limit counters
     to disk on program start and termination.
   - the --debugitem="sender=example\.org$" option allows verbose logging for
     particular requests
   - the debug() action enables verbose logging for certain rules
   - nested commands are possible now
   - new mail(server/helo/from/to/subject/body) action.
   - single cache items can be wiped
   - sasl_username is logged if available
   - rate limit action is executed, if the first request exceeds the limit
   - exceeded ratecounters will not be kept permanently anymore
   - rate limits are evaluated at ruleset stage now
   - new parser enhancement is able to omit the trailing "\" for multi-line
     rules
   - new plugin interface (BETA)
   - Time::HiRes is used if available
   - multiple rate limits for the same items are supported now
   - new $$ratecount variable for rate() actions
   - new option --keep_rates
   - queueid is logged when available
   - rate limits fixed
   - new --debug class 'cleanup'
   - documentation updates and fixes
  * Suppress output on restarting via init script (Closes: #636782), thanks
    Martin F. Krafft for reporting
  * Add hapolicy and manpage into separate binary package
  * Reorganize documentation
   - Add new files from upstream to documentation
   - Changelogs where renamed by upstream
  * Bump Standards-Version to 3.9.2, no changes needed
 -- Jan Wagner <waja@cyconet.org>  Wed, 21 Dec 2011 22:27:27 +0100
 postfwd (1.20-1) unstable; urgency=low
  * New upstream release
    - Release contains postfwd1 and postfwd2 now (Closes: #582969)
    - new --umask setting allows to set filepermissions for pidfiles and unix
      domain sockets
    - Rate limit code rewritten
    - rbl checks disabled for ipv6 addresses, cidr compare will switch to
      default (regex/string)
    - rbl check could fail on multiple dnsbl answers
  * Add dpatch infrastructure
  * Provide update-alternatives for choosing the postfwd variant
  * Install also CHANGELOG2
  * Bump Standards-Version to 3.9.1, no changes needed
 -- Jan Wagner <waja@cyconet.org>  Thu, 10 Feb 2011 08:38:04 +0100
 postfwd (1.18-1) unstable; urgency=low
  * New upstream release
    - Fixed bug when comparing sender and recipient addresses, like
      "sender=$$recipient"
 -- Jan Wagner <waja@cyconet.org>  Thu, 29 Apr 2010 08:46:25 +0200
 postfwd (1.17-1) unstable; urgency=low
  * New upstream release
    - Net::DNS internal errors will now be handled gracefully
    - default for options --dns_max_ns_a_lookups and --dns_max_mx_a_lookups of
      100
    - Fixed variable substitution when the '=' operator is used
 -- Jan Wagner <waja@cyconet.org>  Mon, 22 Mar 2010 09:02:31 +0100
 postfwd (1.16-2) unstable; urgency=low
  * Bump Standards-Version to 3.8.4, no changes needed
  * Migrate Vcs-Fields over to scm.uncompleted.org
  * Add 1.0 to debian/source/format
 -- Jan Wagner <waja@cyconet.org>  Wed, 10 Mar 2010 12:35:57 +0100
 postfwd (1.16-1) unstable; urgency=low
  * NEW upstream release
    - documentation fixed
    - configuration parser improvements
    - option --reload (HUP signal) now reloads config, if the file is unchanged
    - redirect syslog to stdout for --kill, --reload and --showconfig
    - new rcpt() command counts recipients for rate limits
    - helo_address, and sender_(ns|mx)_addrs can now be csv items
    - items may now be retrieved from files using "item=file:/some/where"
  * Add "Copyright" to all copyrights in debian/copyright
  * Bump standards version to 3.8.3 (no changes needed)
  * Fix speeling errors in debian/README.Debian
 -- Jan Wagner <waja@cyconet.org>  Thu, 14 Jan 2010 19:32:26 +0100
 postfwd (1.14-1) unstable; urgency=low
  * new upstream release
    - new compare operators
    - added --nodaemon option
    - perform non dns items first
    - enabled dns cache for sender(ns|mx) and helo address
    - new options --dns_max_ns_lookups and --dns_max_mx_lookups
    - new items sender_ns_names and sender_ns_addrs
    - new items sender_mx_names and sender_mx_addrs
    - new item helo_address, please see docs for more
    - added --proto switch, to enable the use of unix domain sockets
    - added command-line options --kill and --reload
    - dnsbl txt lookups only for dnsbls with at least one a record
    - small performance improvement
    - ask() action allows to use another policy service
    - new options --noidlestats and --norulelog
  * install postfwd.cf.sample, was renamed upstream
  * leave hints about documentation and config verification in README.Debian
  * Bump standards version to 3.8.2 (no changes needed)
 -- Jan Wagner <waja@cyconet.org>  Mon, 06 Jul 2009 21:15:35 +0200
 postfwd (1.10pre8b-1) unstable; urgency=low
  * new upstream release
    - Net::CIDR::Lite is not required any longer
    - Net::DNS::Async is no longer used
    - changed Net::Server behaviour to ignore syslog errors
    - --shortlog is now default behaviour (use -v to see more)
    - days=Wed now means exactly Wednesday
    - disabled fallback to synchronous dns on timed out rbls
    - new item "rhsbl_helo" allows to check helo against rhsbls
    - the new variable $$request_hits contains a list of all matching ruleids
    - the new variable $$dnsbltext allows access to txt records of rbls
    - new options --no-rulestats and --nodnslog
    - ttls of the dns responses override --cache-rbl-timeout when bigger
  * drop dependency of libnet-cidr-lite-perl and libnet-dns-async-perl
  * add dependency of libnet-dns-perl
 -- Jan Wagner <waja@cyconet.org>  Thu, 19 Feb 2009 22:39:09 +0100
 postfwd (1.10pre7c-3) unstable; urgency=low
  * implement machine-interpretable copyright file
  * fix init script (Closes: #503597).
    - let daemon write pid file for his own
    - point start-stop daemon to pidfile when stoping
    - fix reload by fixing the way how to get the pid
  * fix example-cfg2.txt to work with 1.10pre7 (Closes: #503596).
 -- Jan Wagner <waja@cyconet.org>  Fri, 31 Oct 2008 09:55:52 +0100
 postfwd (1.10pre7c-2) unstable; urgency=low
  * Uploading to unstable.
  * Updating standards version to 3.8.0, no changes needed
 -- Jan Wagner <waja@cyconet.org>  Tue, 15 Jul 2008 22:43:08 +0200
 postfwd (1.10pre7c-1) experimental; urgency=low
  * Initial release (Closes: #470356).
 -- Jan Wagner <waja@cyconet.org>  Sat, 31 May 2008 22:07:08 +0200
--- a/debian/control
+++ b/debian/control
@ -1,36 +0,0 @@
 Source: postfwd
 Section: mail
 Priority: optional
 Maintainer: Jan Wagner <waja@cyconet.org>
 Build-Depends: debhelper-compat (= 13), html2text
 Homepage: https://www.postfwd.org/
 Vcs-Browser: https://gitlab.uncompleted.org/debian/postfwd
 Vcs-Git: https://gitlab.uncompleted.org/debian/postfwd.git
 Standards-Version: 4.6.2
 Rules-Requires-Root: no
 Package: postfwd
 Architecture: all
 Depends: adduser,
         libnet-dns-perl,
         libnet-server-perl,
         ${misc:Depends},
         ${perl:Depends}
 Conflicts: postfwd2
 Description: Postfix policyd to combine complex restrictions in a ruleset
 Postfwd is written in perl to combine complex postfix restrictions in a
 ruleset similar to those of the most firewalls. The program uses the postfix
 policy delegation protocol to control access to the mail system before a
 message has been accepted. It allows you to choose an action (e.g. reject,
 dunno) for a combination of several smtp parameters (like sender and recipient
 address, size or the client's TLS fingerprint).
 Package: hapolicy
 Architecture: all
 Depends: ${misc:Depends}, ${perl:Depends}
 Description: Balancing and fallback postfix policy delegation service
 Hapolicy enables high availability, weighted loadbalancing and a fallback
 action for postfix policy delegation services. Invoked via postfix spawn
 it acts as a wrapper that queries other policy servers via tcp connection.
 The order of the service queries can be influenced by assigning a specific
 priority and weight to each service.
--- a/debian/copyright
+++ b/debian/copyright
@ -1,82 +0,0 @@
 Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Upstream-Name: postfwd
 Upstream-Contact: Jan Peter Kessler <info@postfwd.org>
 Source: http://www.postfwd.org
 Files: *
 Copyright: Copyright (c) 2007, Jan Peter Kessler, All rights reserved.
 License: BSD-3
 Files: debian/*
 Copyright: Copyright (C) 2006, 2008 Jan Wagner <waja@cyconet.org>
 License: GPL-2+
 Files: debian/example-cfg2.txt
 Copyright: Copyright (c) 2008, Henrik Krohns <hege@hege.li>
 License: BSD-3
 Files: debian/bin/github-release.sh
 Copyright: Copyright (c) 2014 Terry Burton
 License: Expat
 License: Expat
        Permission is hereby granted, free of charge, to any person obtaining
        a copy of this software and associated documentation files (the
        "Software"), to deal in the Software without restriction, including
        without limitation the rights to use, copy, modify, merge, publish,
        distribute, sublicense, and/or sell copies of the Software, and to
        permit persons to whom the Software is furnished to do so, subject to
        the following conditions:
        .
        The above copyright notice and this permission notice shall be included
        in all copies or substantial portions of the Software.
        .
        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
        EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
        MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
        IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
        CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
        TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
        SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 License: BSD-3
    Redistribution and use in source and binary forms, with or without
    modification, are permitted provided that the following conditions are met:
    .
    * Redistributions of source code must retain the above copyright notice,
      this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.
    * Neither the name of the authors nor the names of his contributors may be
      used to endorse or promote products derived from this software without
      specific prior written permission.
    .
    THIS SOFTWARE IS PROVIDED BY ME ``AS IS'' AND ANY EXPRESS OR IMPLIED
    WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
    MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
    EVENT SHALL BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
    EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
    PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
    OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
    WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
    OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
    ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 License: GPL-2+
        This program is free software; you can redistribute it and/or modify
        it under the terms of the GNU General Public License as published by
        the Free Software Foundation; either version 2 of the License, or
        (at your option) any later version.
        .
        This program is distributed in the hope that it will be useful,
        but WITHOUT ANY WARRANTY; without even the implied warranty of
        MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
        GNU General Public License for more details.
        .
        You should have received a copy of the GNU General Public License
        along with this program; if not, write to the Free Software
        Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
        .
 On Debian systems, the complete text of the GNU General Public License can be
 found in /usr/share/common-licenses/GPL-2 file.
--- a/debian/example-cfg2.txt
+++ b/debian/example-cfg2.txt
@ -1,146 +0,0 @@
 # downloaded from http://hege.li/howto/spam/etc/postfwd/postfwd.conf
 # check for more recent versions!
 ###
 ### Example config for postfwd 1.10pre7+
 ###
 ## Check DNS whitelists, maybe we don't need more checks
 id=OK_DNSWL; \
  rbl=list.dnswl.org/^127/43200; \
  action=DUNNO
 ## Check (non-fqdn/ip/dynamic) HELO and (missing) reverse DNS
 id=SET_HELO; \
  helo_name=!!\.; \
  helo_name=[0-9.-]{7}; \
  action=set(HIT_helo=1)
 id=SET_NODNS; \
  client_name=^unknown$; \
  action=set(HIT_nodns=1)
 id=REJECT_HELO_NODNS; \
  HIT_helo==1; HIT_nodns==1; \
  action=REJECT Blocked - contact postmaster@example.net for help - Suspicious HELO [$$helo_name] and missing reverse DNS [$$client_address]
 ## Check ZEN first for immediate blocking - less queries for other lists
 ## See usage policy: http://www.spamhaus.org/organization/dnsblusage.html
 id=REJECT_RBL_ZEN; \
  rbl=zen.spamhaus.org; \
  action=REJECT Blocked - contact postmaster@example.net for help - zen.spamhaus.org RBL
 ## Check other DNSBLs in parallel
 &&DNSBLS { \
  rbl=bl.spamcop.net; \
  rbl=dnsbl-1.uceprotect.net; \
  rbl=dnsbl-2.uceprotect.net; \
  rbl=dnsbl-3.uceprotect.net; \
  rbl=psbl.surriel.com; \
  rbl=combined.njabl.org; \
  rbl=dnsbl.ahbl.org; \
  rbl=dnsbl.sorbs.net; \
  rbl=ix.dnsbl.manitu.net; \
  rbl=dyna.spamrats.com; \
 };
 id=EVAL_DNSBLS; \
  &&DNSBLS; rblcount=all; \
  action=set(HIT_rbls=$$rblcount)
 id=REJECT_RBL_MULTI; \
  HIT_rbls>=2; \
  action=REJECT Blocked - contact postmaster@example.net for help - Multiple DNSBLs
 ## Check RHSBLs if there wasn't enough DNSBLs hit
 &&RHSBLS_REVERSE { \
  rhsbl_reverse_client=dynamic.rhs.mailpolice.com; \
 };
 &&RHSBLS_SENDER { \
  rhsbl_sender=multi.uribl.com; \
  rhsbl_sender=multi.surbl.org; \
  rhsbl_sender=bulk.rhs.mailpolice.com; \
  rhsbl_sender=rhsbl.ahbl.org; \
  rhsbl_sender=rhsbl.sorbs.net; \
  rhsbl_sender=dsn.rfc-ignorant.org; \
 };
 id=EVAL_RHSBLS; \
  &&RHSBLS_REVERSE; &&RHSBLS_SENDER; rhsblcount=all; \
  action=set(HIT_rhsbls=$$rhsblcount)
 id=REJECT_RHSBL_MULTI; \
  HIT_rhsbls>=2; \
  action=REJECT Blocked - contact postmaster@example.net for help - Multiple RHSBLs
 ## See if we get any combined hits from rules before
 id=REJECT_RBL_RHSBL; \
  HIT_rbls>=1; HIT_rhsbls>=1; \
  action=REJECT Blocked - contact postmaster@example.net for help - RHSBL and DNSBL
 id=REJECT_RBL_HELO; \
  HIT_rbls>=1; HIT_helo==1; \
  action=REJECT Blocked - contact postmaster@example.net for help - DNSBL and suspicious HELO [$$helo_name]
 id=REJECT_RBL_NODNS; \
  HIT_rbls>=1; HIT_nodns==1; \
  action=REJECT Blocked - contact postmaster@example.net for help - DNSBL and missing reverse DNS [$$client_address]
 id=REJECT_RHSBL_HELO; \
  HIT_rhsbls>=1; HIT_helo==1; \
  action=REJECT Blocked - contact postmaster@example.net for help - RHSBL and suspicious HELO [$$helo_name]
 id=REJECT_RHSBL_NODNS; \
  HIT_rhsbls>=1; HIT_nodns==1; \
  action=REJECT Blocked - contact postmaster@example.net for help - RHSBL and missing reverse DNS [$$client_address]
 ## Finally greylist all lesser hits.
 ##
 ## A more DNSBL friendly way would be to greylist everything suspicious
 ## before DNS checks. Currently this requires you to setup some postfix
 ## tables before postfwd is called, since greylisting can be only done last
 ## in postfwd (action always exits processing).
 id=GREY_HELO; HIT_helo==1; action=check_postgrey
 id=GREY_NODNS; HIT_nodns==1; action=check_postgrey
 id=GREY_RBL; HIT_rbls>=1; action=check_postgrey
 id=GREY_RHSBL; HIT_rhsbls>=1; action=check_postgrey
 ##
 ## This example is free to use as per BSD license:
 ##
 ## Copyright (c) 2008, Henrik Krohns <hege@hege.li>
 ## All rights reserved.
 ## 
 ## Redistribution and use in source and binary forms, with or without modification,
 ## are permitted provided that the following conditions are met:
 ## 
 ##  * Redistributions of source code must retain the above copyright
 ##    notice, this list of conditions and the following disclaimer.
 ##  * Redistributions in binary form must reproduce the above copyright
 ##    notice, this list of conditions and the following disclaimer in
 ##    the documentation and/or other materials provided with the
 ##    distribution.
 ##  * Neither the name of the authors nor the names of his contributors
 ##    may be used to endorse or promote products derived from this
 ##    software without specific prior written permission.
 ## 
 ## THIS SOFTWARE IS PROVIDED BY ME ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 ## INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 ## FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BE LIABLE FOR ANY DIRECT,
 ## INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 ## NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 ## PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 ## WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 ## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 ## POSSIBILITY OF SUCH DAMAGE.
 ##
--- a/debian/hapolicy.docs
+++ b/debian/hapolicy.docs
@ -1,3 +0,0 @@
 doc/hapolicy.txt
 tools/hapolicy/hapolicy.*
 tools/hapolicy/hapolicy[0-9a-zA-Z.]*
--- a/debian/hapolicy.manpages
+++ b/debian/hapolicy.manpages
@ -1 +0,0 @@
 man/man8/hapolicy.1
--- a/debian/patches/10_fix_wording_manpages.patch
+++ b/debian/patches/10_fix_wording_manpages.patch
@ -1,172 +0,0 @@
 From: Jan Wagner <waja@cyconet.org>
 Subject: Fixing cosmetical issues
 diff --git a/man/man8/postfwd.8 b/man/man8/postfwd.8
 index 3e4354b..49deff1 100644
 --- a/man/man8/postfwd.8
 +++ b/man/man8/postfwd.8
@@ -335,7 +335,7 @@ postfwd versions prior to 1.30 require trailing ';' and '\e'\-characters:
 \&                                  the specified action will be returned to postfix
 \&                                  scores are set global until redefined!
 \&
 -\&        request_score           \- this value allows to access a request\*(Aqs score. it
 +\&        request_score           \- this value allows one to access a request\*(Aqs score. it
 \&                                  may be used as variable ($$request_score).
 \&
 \&        rbl, rhsbl,             \- query the specified RBLs/RHSBLs, possible values are:
@@ -466,7 +466,7 @@ The following items currently have to be unique:
 \&        id, minimum and maximum values, rblcount and rhsblcount
 .Ve
 .PP
 -Any item can be negated by preceeding '!!' to it, e.g.:
 +Any item can be negated by preceding '!!' to it, e.g.:
 .PP
 .Vb 1
 \&        id=HOST001 ;  hostname == !!secure.trust.local ;  action=REJECT only secure.trust.local please
@@ -484,7 +484,7 @@ To avoid confusion with regexps or simply for better visibility you can use '!!(
 \&        id=USER01 ;  sasl_username = !!( (bob|alice) )  ;  action=REJECT who is that?
 .Ve
 .PP
 -Request attributes can be compared by preceeding '$$' characters, e.g.:
 +Request attributes can be compared by preceding '$$' characters, e.g.:
 .PP
 .Vb 3
 \&        id=R\-003 ;  client_name = !! $$helo_name      ;  action=WARN helo does not match DNS
@@ -637,7 +637,7 @@ with postfwd1 v1.15 and postfwd2 v0.18 and higher.
 \&\fIGeneral\fR
 .PP
 Actions will be executed, when all rule items have matched a request (or at least one of any item list). You can refer to
 -request attributes by preceeding $$ characters, like:
 +request attributes by preceding $$ characters, like:
 .PP
 .Vb 3
 \&        id=R\-003; client_name = !!$$helo_name; action=WARN helo \*(Aq$$helo_name\*(Aq does not match DNS \*(Aq$$client_name\*(Aq
@@ -730,7 +730,7 @@ postfwd actions control the behaviour of the program. Currently you can specify
 \&        means that requests from bob@example.local and BoB@example.local will be treated differently
 \&
 \&        ask (<addr>:<port>[:<ignore>])
 -\&        allows to delegate the policy decision to another policy service (e.g. postgrey). the first
 +\&        allows one to delegate the policy decision to another policy service (e.g. postgrey). the first
 \&        and the second argument (address and port) are mandatory. a third optional argument may be
 \&        specified to tell postfwd to ignore certain answers and go on parsing the ruleset:
 \&           # example1: query postgrey and return it\*(Aqs answer to postfix
@@ -832,7 +832,7 @@ carefully, because errors may cause postfwd to break! It is also
 allowed to override attributes or built-in functions, but be sure that you know
 what you do because some of them are used internally.
 .PP
 -Please keep security in mind, when you access sensible ressources and never, ever
 +Please keep security in mind, when you access sensible resources and never, ever
 run postfwd as privileged user! Also never trust your input (especially hostnames,
 and e\-mail addresses).
 .PP
@@ -866,7 +866,7 @@ the policy delegation request and therefore may be used in postfwd's ruleset.
 \&
 \&                # EXAMPLES \- integrated in postfwd. no need to activate them here.
 \&                
 -\&                        # allows to check postfwd version in ruleset
 +\&                        # allows one to check postfwd version in ruleset
 \&                        "version" => sub {
 \&                                my(%request) = @_;
 \&                                my(%result) = (
@@ -1505,7 +1505,7 @@ equals to
 \&        id=R001; sender=bob@alice.local; client_address=192.168.1.1; action=dunno
 .Ve
 .PP
 -Lists will be evaluated in the specified order. This allows to place faster expressions at first:
 +Lists will be evaluated in the specified order. This allows one to place faster expressions at first:
 .PP
 .Vb 1
 \&        postfwd \-vv \-L \-r "id=RBL001; rbl=localrbl.local zen.spamhaus.org; action=REJECT" /some/where/request.sample
 diff --git a/man/man8/postfwd2.8 b/man/man8/postfwd2.8
 index 11319fd..fdb3a6f 100644
 --- a/man/man8/postfwd2.8
 +++ b/man/man8/postfwd2.8
@@ -193,7 +193,7 @@ postfwd2 \- postfix firewall daemon
 \&        \-n, \-\-nodns                     skip any dns based test
 \&            \-\-dns_timeout <i>           dns query timeout in seconds
 \&            \-\-dns_timeout_max <i>       disable dnsbl after <i> timeouts
 -\&            \-\-dns_timeout_interval <i>  reenable dnsbl after <i> seconds
 +\&            \-\-dns_timeout_interval <i>  re-enable dnsbl after <i> seconds
 \&            \-\-cache\-rbl\-timeout <i>     default dns ttl if not specified in ruleset
 \&            \-\-cache\-rbl\-default <s>     default dns pattern if not specified in ruleset
 \&            \-\-cleanup\-rbls <i>          cleanup old dns cache items every <i> seconds
@@ -364,7 +364,7 @@ postfwd versions prior to 1.30 require trailing ';' and '\e'\-characters:
 \&                                  the specified action will be returned to postfix
 \&                                  scores are set global until redefined!
 \&
 -\&        request_score           \- this value allows to access a request\*(Aqs score. it
 +\&        request_score           \- this value allows one to access a request\*(Aqs score. it
 \&                                  may be used as variable ($$request_score).
 \&
 \&        rbl, rhsbl,             \- query the specified RBLs/RHSBLs, possible values are:
@@ -495,7 +495,7 @@ The following items must be unique:
 \&        id, minimum and maximum values, rblcount and rhsblcount
 .Ve
 .PP
 -Any item can be negated by preceeding '!!' to it, e.g.:
 +Any item can be negated by preceding '!!' to it, e.g.:
 .PP
 .Vb 1
 \&        id=HOST001 ;  hostname == !!secure.trust.local ;  action=REJECT only secure.trust.local please
@@ -513,7 +513,7 @@ To avoid confusion with regexps or simply for better visibility you can use '!!(
 \&        id=USER01 ;  sasl_username =~ !!( /^(bob|alice)$/ )  ;  action=REJECT who is that?
 .Ve
 .PP
 -Request attributes can be compared by preceeding '$$' characters, e.g.:
 +Request attributes can be compared by preceding '$$' characters, e.g.:
 .PP
 .Vb 3
 \&        id=R\-003 ;  client_name = !! $$helo_name      ;  action=WARN helo does not match DNS
@@ -666,7 +666,7 @@ with postfwd1 v1.15 and postfwd2 v0.18 and higher.
 \&\fIGeneral\fR
 .PP
 Actions will be executed, when all rule items have matched a request (or at least one of any item list). You can refer to
 -request attributes by preceeding $$ characters, like:
 +request attributes by preceding $$ characters, like:
 .PP
 .Vb 3
 \&        id=R\-003; client_name = !!$$helo_name; action=WARN helo \*(Aq$$helo_name\*(Aq does not match DNS \*(Aq$$client_name\*(Aq
@@ -750,7 +750,7 @@ postfwd2 actions control the behaviour of the program. Currently you can specify
 \&        means that requests from bob@example.local and BoB@example.local will be treated differently
 \&
 \&        ask (<addr>:<port>[:<ignore>])
 -\&        allows to delegate the policy decision to another policy service (e.g. postgrey). the first
 +\&        allows one to delegate the policy decision to another policy service (e.g. postgrey). the first
 \&        and the second argument (address and port) are mandatory. a third optional argument may be
 \&        specified to tell postfwd2 to ignore certain answers and go on parsing the ruleset:
 \&           # example1: query postgrey and return it\*(Aqs answer to postfix
@@ -852,7 +852,7 @@ carefully, because errors may cause postfwd to break! It is also
 allowed to override attributes or built-in functions, but be sure that you know
 what you do because some of them are used internally.
 .PP
 -Please keep security in mind, when you access sensible ressources and never, ever
 +Please keep security in mind, when you access sensible resources and never, ever
 run postfwd as privileged user! Also never trust your input (especially hostnames,
 and e\-mail addresses).
 .PP
@@ -886,7 +886,7 @@ the policy delegation request and therefore may be used in postfwd's ruleset.
 \&
 \&                # EXAMPLES \- integrated in postfwd. no need to activate them here.
 \&                
 -\&                        # allows to check postfwd version in ruleset
 +\&                        # allows one to check postfwd version in ruleset
 \&                        "version" => sub {
 \&                                my(%request) = @_;
 \&                                my(%result) = (
@@ -1524,7 +1524,7 @@ equals to
 \&        id=R001; sender=bob@alice.local; client_address=192.168.1.1; action=dunno
 .Ve
 .PP
 -Lists will be evaluated in the specified order. This allows to place faster expressions at first:
 +Lists will be evaluated in the specified order. This allows one to place faster expressions at first:
 .PP
 .Vb 1
 \&        postfwd2 \-\-nodaemon \-vv \-L \-r "id=RBL001; rbl=localrbl.local zen.spamhaus.org; action=REJECT" /some/where/request.sample
@@ -1601,7 +1601,7 @@ To debug special steps of the parser the '\-\-debug' switch takes a list of debu
 .PP
 The common way to use postfwd2 is to start it as daemon, listening at a specified tcp port.
 postfwd2 will spawn multiple child processes which communicate with a parent cache. This is
 -the prefered way to use postfwd2 in high volume environments. Start postfwd2 with the following parameters:
 +the preferred way to use postfwd2 in high volume environments. Start postfwd2 with the following parameters:
 .PP
 .Vb 1
 \&        postfwd2 \-d \-f /etc/postfwd.cf \-i 127.0.0.1 \-p 10045 \-u nobody \-g nobody \-S
--- a/debian/patches/20_fix_postfwd1_default_umask.patch
+++ b/debian/patches/20_fix_postfwd1_default_umask.patch
@ -1,15 +0,0 @@
 From: Jan Wagner <waja@cyconet.org>
 Subject: Fixing default umask of postfwd
 diff --git a/sbin/postfwd b/sbin/postfwd
 index e17a729..62f90bb 100755
 --- a/sbin/postfwd
 +++ b/sbin/postfwd
@@ -49,7 +49,7 @@ our($def_net_chroot)		= "";
 our($def_net_interface)		= "127.0.0.1";
 our($def_net_port)		= "10040";
 our($def_net_proto)		= "tcp";
 -our($def_net_umask)		= "0111";
 +our($def_net_umask)		= "0177";
 our($def_net_user)		= "nobody";
 our($def_net_group)		= "nobody";
 our($def_dns_queuesize)		= "300";
--- a/debian/patches/series
+++ b/debian/patches/series
@ -1,2 +0,0 @@
 10_fix_wording_manpages.patch
 20_fix_postfwd1_default_umask.patch
--- a/debian/postfwd.README.Debian
+++ b/debian/postfwd.README.Debian
@ -1,68 +0,0 @@
 postfwd for Debian
 ------------------
 1. PROVIDE A CONFIGFILE
 -----------------------
 Please provide a config file, usually /etc/postfix/postfwd.cf. Examples are
 located in /usr/share/doc/postfwd/examples/.
 Another can be found at http://hege.li/howto/spam/etc/postfwd/postfwd.conf
 and is provided as example-cfg2.txt.
 A quickstart guide is available at http://www.postfwd.org/quick.html and the
 online documentation at http://www.postfwd.org/doc.html, the offline version
 can be viewed with 'postfwd -m'.
 2. VERIFY CONFIG
 ----------------
 How interpret the parser your rules, you can check with:
 # postfwd -f /etc/postfix/postfwd.cf -C -v
 Check your rules against sample request:
 # cat request.sample | postfwd -f /etc/postfix/postfwd.cf -L
 # cat request.sample
 ------ snip -------
 ccert_fingerprint=
 size=64063
 helo_name=english-breakfast.cloud9.net
 reverse_client_name=english-breakfast.cloud9.net
 queue_id=
 encryption_cipher=
 encryption_protocol=
 etrn_domain=
 ccert_subject=
 request=smtpd_access_policy
 protocol_state=RCPT
 recipient=someone@domain.local
 instance=6748.46adf3f8.62156.0
 protocol_name=ESMTP
 encryption_keysize=0
 recipient_count=0
 ccert_issuer=
 sender=owner-postfix-users@postfix.org
 client_name=english-breakfast.cloud9.net
 client_address=168.100.1.7
 ------ snip -------
 Samples can be taken into the logfile when starting the daemon with "-vv"
 3. AUTOMATIC STARTUP
 --------------------
 In order to avoid the startup of the daemon on an unconfigured machine,
 automatic startup, on boot, is disabled by default. To enable it just run
 'systemctl enable postfwd.service', when still using SysVinit edit the
 file /etc/default/postfwd and set the "startup" variable to 1.
 4. CHOOSING WHICH POSTFWD VERSION TO USE
 ----------------------------------------
 Since some time, there is also a prefork version available, called postfwd2.
 You can use update-alternatives to choose between 'postfwd1' and 'postfwd2'.
 -- Jan Wagner <waja@cyconet.org>  Mon, 10 Mar 2008 22:37:44 +0100
--- a/debian/postfwd.default
+++ b/debian/postfwd.default
@ -1,15 +0,0 @@
 # Global options for postfwd(8).
 # Set to '1' to enable startup (daemon mode), doesn't affect systemd
 STARTUP=0
 # Config file
 CONF=/etc/postfix/postfwd.cf
 # IP where listen to
 INET=127.0.0.1
 # Port where listen to
 PORT=10040
 # run as user postfw
 RUNAS="postfw"
 # Arguments passed on start (--daemon implied)
 ARGS="--summary=600 --cache=600 --cache-rdomain-only --cache-no-size"
--- a/debian/postfwd.docs
+++ b/debian/postfwd.docs
@ -1,5 +0,0 @@
 debian/tmp/*.txt
 doc/*.txt
 doc/postfwd-ARCH.png
 doc/postfwd2.CHANGELOG
 tools/*.pl
--- a/debian/postfwd.examples
+++ b/debian/postfwd.examples
@ -1,4 +0,0 @@
 debian/example-cfg*
 etc/postfwd.cf.sample
 plugins/*.sample
 tools/*.sample
--- a/debian/postfwd.init
+++ b/debian/postfwd.init
@ -1,103 +0,0 @@
 #! /bin/sh
 #		Written by Miquel van Smoorenburg <miquels@cistron.nl>.
 #		Modified for Debian
 #		by Ian Murdock <imurdock@gnu.ai.mit.edu>.
 #
 # Version:	@(#)skeleton  1.9  26-Feb-2001  miquels@cistron.nl
 # /etc/init.d/postfwd: v1 2008/03/12 Jan Wagner <waja@cyconet.org>
 ### BEGIN INIT INFO
 # Provides: postfwd
 # Required-Start: $local_fs $network $remote_fs $syslog
 # Required-Stop: $local_fs $network $remote_fs $syslog
 # Default-Start:  2 3 4 5
 # Default-Stop: 0 1 6
 # Short-Description: start and stop the postfw daemon
 # Description: a Perl policy daemon for the Postfix MTA
 ### END INIT INFO
 PATH=/sbin:/bin:/usr/sbin:/usr/bin
 NAME=postfwd
 DAEMON=/usr/sbin/${NAME}
 PIDFILE=/var/run/$NAME.pid
 DESC=postfwd
 . /lib/lsb/init-functions
 test -x $DAEMON || exit 0
 not_configured () {
        echo "#### WARNING ####"
        echo "${NAME} won't be started/stopped unless it is configured."
        echo "If you want to start ${NAME} as daemon, see /etc/default/${NAME}."
        echo "#################"
        exit 0
 }
 no_configfile () {
 	echo "#### WARNING ####"
 	echo "${NAME} won't be started/stopped unless a rules file is provided at $CONF."
 	echo "#################"
 	exit 0
 }
 # check if postfwd is configured or not
 if [ -f "/etc/default/$NAME" ]
 then
        . /etc/default/$NAME
        if [ "$STARTUP" != "1" ]
        then
                not_configured
        fi
 else
        not_configured
 fi
 # check if rules file is there
 if [ ! -f $CONF ]
 then
 	no_configfile
 fi
 # Check whether we have to drop privileges.
 if [ -n "$RUNAS" ]
 then
        if ! getent passwd "$RUNAS" >/dev/null; then
                RUNAS=""
        fi
 fi
 set -e
 case "$1" in
  start)
 	echo -n "Starting $DESC: "
        start-stop-daemon --start --quiet \
                --name ${NAME} \
                --exec $DAEMON -- ${ARGS} --daemon --file=${CONF} --interface=${INET} --port=${PORT} --user=${RUNAS} --group=${RUNAS} --pidfile=$PIDFILE
 	echo "$NAME."
 	;;
  stop)
 	echo -n "Stopping $DESC: "
 	start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE && rm -rf $PIDFILE
        echo "$NAME."
 	;;
  reload)
 	echo "Reloading $DESC configuration files."
 		kill -HUP $(cat $PIDFILE)
 	;;
  restart|force-reload)
 	echo -n "Restarting $DESC (incl. cache): "
 	        $0 stop > /dev/null
        	sleep 1
 	        $0 start > /dev/null
 	echo "$NAME."
 	;;
  *)
 	N=/etc/init.d/$NAME
 	echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2
 	exit 1
 	;;
 esac
 exit 0
--- a/debian/postfwd.manpages
+++ b/debian/postfwd.manpages
@ -1,2 +0,0 @@
 debian/tmp/postfwd1.8
 man/man8/postfwd2.8
--- a/debian/postfwd.postinst
+++ b/debian/postfwd.postinst
@ -1,63 +0,0 @@
 #!/bin/sh
 # based on arpwatch.postinst: v11 2004/09/15 KELEMEN Peter <fuji@debian.org>
 # postinst: v1 2006/01/12 Jan Wagner <waja@cyconet.org>
 set -e
 NUSER="postfw"
 NGROUP="postfw"
 NHOME="/var/lib/$NUSER"
 NGECOS="postfwd user"
 case "$1" in
 	configure)
 		# Take care of group.
 		if NGROUP_ENTRY=`getent group $NGROUP`; then
 			# group exists
 			:
 		else
 			# group does not exist yet
 			addgroup --quiet --system $NGROUP
 		fi
 		# Take care of user.
 		if NUSER_ENTRY=`getent passwd $NUSER`; then
 			# user exists
 			adduser --quiet $NUSER $NGROUP
 			# 
 		else
 			# user does not exist yet
 			adduser --quiet --system	\
 				--ingroup $NGROUP	\
 				--gecos "$NGECOS"	\
 				--home $NHOME		\
 				--no-create-home	\
 				--shell /bin/sh		\
 				--disabled-login	\
 				--disabled-password	\
 				--shell /bin/false	\
 				$NUSER
 		fi
 		# Set up home directory.
 		if [ -d $NHOME ]; then
 			chown -R ${NUSER}:${NGROUP} $NHOME
 			chmod -R o-rwX $NHOME
 		fi
 		;;
 	abort-upgrade|abort-remove|abort-deconfigure)
 		;;
 	*)
 		echo "postinst called with unknown argument \`$1'" >&2
 		exit 1
 		;;
 esac
 update-alternatives --install /usr/sbin/postfwd postfwd /usr/sbin/postfwd1 100 \
                    --slave /usr/share/man/man1/postfwd.1.gz postfwd.1.gz \
                    /usr/share/man/man1/postfwd1.1.gz
 update-alternatives --install /usr/sbin/postfwd postfwd /usr/sbin/postfwd2 120 \
                    --slave /usr/share/man/man1/postfwd.2.gz postfwd.2.gz \
                    /usr/share/man/man1/postfwd2.1.gz
 #DEBHELPER#
--- a/debian/postfwd.postrm
+++ b/debian/postfwd.postrm
@ -1,56 +0,0 @@
 #!/bin/sh
 # based on arpwatch.postrm: v2 2004/09/15 KELEMEN Peter <fuji@debian.org>
 # postrm: v1 2006/10/12 Jan Wagner <waja@cyconet.org>
 NUSER="postfw"
 NGROUP="postfw"
 set -e
 case "$1" in
 	purge)
 		# find first and last SYSTEM_UID numbers
 		for LINE in `grep SYSTEM_UID /etc/adduser.conf | grep -v "^#"`; do
 			case $LINE in
 				FIRST_SYSTEM_UID*)
 					FIST_SYSTEM_UID=`echo $LINE | cut -f2 -d '='`
 					;;
 				LAST_SYSTEM_UID*)
 					LAST_SYSTEM_UID=`echo $LINE | cut -f2 -d '='`
 					;;
 				*)
 					;;
 			esac
 		done
 		# remove system account if necessary
 		if [ -n "$FIST_SYSTEM_UID" ] && [ -n "$LAST_SYSTEM_UID" ]; then
 			if USERID=`getent passwd $NUSER | cut -f 3 -d ':'`; then
 				if [ -n "$USERID" ]; then
 					if [ "$FIST_SYSTEM_UID" -le "$USERID" ] && \
 						[ "$USERID" -le "$LAST_SYSTEM_UID" ]; then
 							if which deluser > /dev/null; then
 								deluser --quiet $NUSER || true
 								# And then remove the group
 								GROUPID=`getent group $NGROUP | cut -f 3 -d ':'`
 								if [ -n "$GROUPID" ]; then
 									if which delgroup > /dev/null; then
 										delgroup --quiet $NGROUP || true
 									fi
 								fi
 							fi
 					fi
 				fi
 			fi
 		fi
 		;;
 	remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
 		;;
 	*)
 		echo "postrm called with unknown argument \`$1'" >&2
 		exit 1
 		;;
 esac
 #DEBHELPER#
--- a/debian/postfwd.prerm
+++ b/debian/postfwd.prerm
@ -1,10 +0,0 @@
 #!/bin/sh
 set -e
 if [ "$1" = remove ] || [ "$1" = deconfigure ]; then
 	update-alternatives --remove postfwd /usr/sbin/postfwd1
 	update-alternatives --remove postfwd /usr/sbin/postfwd2
 fi
 #DEBHELPER#
--- a/debian/postfwd.service
+++ b/debian/postfwd.service
@ -1,15 +0,0 @@
 [Unit]
 Description=Postfix firewall daemon
 After=network.target
 Before=postfix.service
 [Service]
 Environment=PIDFILE=/var/run/postfwd.pid
 EnvironmentFile=-/etc/default/postfwd
 ExecStart=/usr/sbin/postfwd $ARGS --daemon --file $CONF --interface $INET --port $PORT --user $RUNAS --group $RUNAS --pidfile $PIDFILE
 ExecStop=/usr/sbin/postfwd --file $CONF --pidfile $PIDFILE --kill
 ExecReload=/usr/sbin/postfwd --file $CONF --pidfile $PIDFILE --reload
 Type=forking
 [Install]
 WantedBy=multi-user.target
--- a/debian/rules
+++ b/debian/rules
@ -1,57 +0,0 @@
 #!/usr/bin/make -f
 # written by Jan Wagner <waja@cyconet.org>
 #
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 build: build-arch build-indep
 build-arch:
 build-indep:
 clean:
 	# removing generated manpage (not initial shipped)
 	rm -rf man/man8/hapolicy.1
 	dh_testdir
 	dh_testroot
 	dh_clean
 install: build
 	dh_testdir
 	dh_testroot
 	dh_prep
 	# install binaries
 	install -D -m 644 sbin/postfwd debian/postfwd/usr/sbin/postfwd1
 	install -D -m 644 sbin/postfwd2 debian/postfwd/usr/sbin/postfwd2
 	install -D -m 644 tools/hapolicy/hapolicy debian/hapolicy/usr/sbin/hapolicy
 	# install man page
 	mkdir -p debian/tmp/
 	cp man/man8/postfwd.8 debian/tmp/postfwd1.8
 	html2text doc/quick.html > debian/tmp/quick.txt
 	html2text doc/versions.html > debian/tmp/versions.txt
 	pod2man debian/hapolicy/usr/sbin/hapolicy man/man8/hapolicy.1
 # Build architecture-independent files here.
 binary-indep: build install
 	dh_testdir
 	dh_testroot
 	dh_installchangelogs doc/postfwd.CHANGELOG
 	dh_installdocs -ppostfwd -Xhapolicy
 	dh_installdocs -phapolicy tools/hapolicy/hapolicy[0-9a-zA-Z.]*
 	dh_installexamples
 	dh_installinit -- defaults 19 21
 	dh_installsystemd --no-enable
 	dh_installman
 	dh_compress
 	dh_fixperms
 	dh_perl
 	dh_installdeb
 	dh_gencontrol
 	dh_md5sums
 	dh_builddeb
 # Build architecture-dependent files here.
 binary-arch: build install
 binary: binary-indep binary-arch
 .PHONY: build clean binary-indep binary-arch binary install
--- a/debian/source/format
+++ b/debian/source/format
@ -1 +0,0 @@
 3.0 (quilt)
--- a/debian/source/options
+++ b/debian/source/options
@ -1 +0,0 @@
 extend-diff-ignore = '(^|/)(\.travis\.yml|\.git|\.github|\.gitgnore|config\.sub|config\.guess)'
--- a/debian/watch
+++ b/debian/watch
@ -1,2 +0,0 @@
 version=4
 https://postfwd.org postfwd-(.*)\.tar\.gz
--- a/doc/postfwd.CHANGELOG
+++ b/doc/postfwd.CHANGELOG
@ -1,41 +1,3 @@
 1.35
 ====
 - code:    rate(), size() and rcpt() function index is now case insensitive by default
 	   (same limit counters for from@example.org and fRom@eXample.org)
           if you need to treat the localpart case-sensitive according to rfc5321
 	   you may use rate5321(), size5321() and rcpt5321()
 1.34
 ====
 - bugfix:  fixed taint mode logging error for verbose --showconfig and --stdoutlog
 	   options and newer perl versions.
 - bugfix:  check_* functions use print/getline instead of send/recv for large 
 	   --dumpcache output (thanks to Alexandre Simon)
 - code:    log_* routines added to allow the same plugins for postfwd1 and postfwd2
 - code:    added more information when using --debug=cleanup
 - docs:    documentation updates
 - feature: new sendmail(sendmail-path::from::to::subject::body) action.
           Please take a look at the manual, especially about
           it's limitations, before using it!
    ------------------------------------------------------------
     # alert
     action=sendmail(/usr/sbin/sendmail::from@example.org::to@example.org::Subject::Text)
    ------------------------------------------------------------
 1.33
 ====
 - feature: new compare operators *
        ====================================================================
         *ITEM > VALUE                true if ITEM > VALUE
         *ITEM < VALUE                true if ITEM < VALUE
        ====================================================================
 - bugfix:  fixed bug when computing scores with more than 1 digit after the "." (n.nn)
 - bugfix:  fixed bug when computing negative values with the set action
 - bugfix:  ITEMS plugins returning zero values were handled incorrectly
 - bugfix:  max command recursion was not reset for each rule
 1.32
 ====
 - feature: new option --save_rates=<file> allows to load and save
--- a/doc/postfwd.html
+++ b/doc/postfwd.html
@ -1,18 +1,14 @@
 <?xml version="1.0" ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <title>postfwd - postfix firewall daemon</title>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <link rev="made" href="mailto:root@localhost" />
 </head>
 <body style="background-color: white">
 <!-- INDEX BEGIN -->
 <div name="index">
 <p><a name="__index__"></a></p>
 <!-- INDEX BEGIN -->
 <ul>
@ -41,11 +37,9 @@
 	<li><a href="#license">LICENSE</a></li>
 	<li><a href="#author">AUTHOR</a></li>
 </ul>
 <hr name="index" />
 </div>
 <!-- INDEX END -->
 <hr />
 <p>
 </p>
 <h1><a name="name">NAME</a></h1>
@ -117,8 +111,7 @@
            --config_timeout &lt;i&gt;     parser timeout in seconds
            --keep_rates             do not clear rate limit counters on reload
            --save_rates &lt;file&gt;      save and load rate limits on disk
-            --fast_limit_evaluation  evaluate rate limits before ruleset is parsed
+            --fast_limit_evaluation  evaluate rate limits before ruleset is parsed</pre>
                                     (please note the limitations)</pre>
 <pre>
        Plugins:
            --plugins &lt;file&gt;        loads postfwd plugins from file</pre>
@ -172,8 +165,6 @@ is not important. So the following would lead to the same result as the previous
         ITEM == VALUE                true if ITEM equals VALUE
         ITEM =&gt; VALUE                true if ITEM &gt;= VALUE
         ITEM =&lt; VALUE                true if ITEM &lt;= VALUE
         ITEM &gt;  VALUE                true if ITEM &gt;  VALUE
         ITEM &lt;  VALUE                true if ITEM &lt;  VALUE
         ITEM =~ VALUE                true if ITEM ~= /^VALUE$/i
         ITEM != VALUE                false if ITEM equals VALUE
         ITEM !&gt; VALUE                false if ITEM &gt;= VALUE
@ -451,7 +442,7 @@ necessary. Of course this might increase the system load, so please use it with
 <pre>
        -- FILE /etc/postfwd/clients_west.cf --
        192.168.3.0/24</pre>
-<p>Note that there is currently no loop detection (/a/file calls /a/file) and that this feature is only available
+<p>Remind that there is currently no loop detection (/a/file calls /a/file) and that this feature is only available
 with postfwd1 v1.15 and postfwd2 v0.18 and higher.</p>
 <p>
 </p>
@ -465,7 +456,7 @@ request attributes by preceeding $$ characters, like:</p>
        id=R-003; client_name = !!$$helo_name; action=WARN helo '$$(helo_name)' does not match DNS '$$(client_name)'</pre>
 <p><em>postfix actions</em></p>
 <p>Actions will be replied to postfix as result to policy delegation requests. Any action that postfix understands is allowed - see
-&quot;man 5 access&quot; or <a href="http://www.postfix.org/access.5.html">http://www.postfix.org/access.5.html</a> for a description. If no action is specified, the postfix WARN action
+``man 5 access'' or <a href="http://www.postfix.org/access.5.html">http://www.postfix.org/access.5.html</a> for a description. If no action is specified, the postfix WARN action
 which simply logs the event will be used for the corresponding rule.</p>
 <p>postfwd will return dunno if it has reached the end of the ruleset and no rule has matched. This can be changed by placing a last
 rule containing only an action statement:</p>
@ -503,7 +494,7 @@ rule containing only an action statement:</p>
        this command creates a counter for the given &lt;item&gt;, which will be increased any time a request
        containing it arrives. if it exceeds &lt;max&gt; within &lt;time&gt; seconds it will return &lt;action&gt; to postfix.
        rate counters are very fast as they are executed before the ruleset is parsed.
-        please note that &lt;action&gt; was limited to postfix actions (no postfwd actions) for postfwd versions &lt;1.33!
+        please note that &lt;action&gt; is currently limited to postfix actions (no postfwd actions)!
            # no more than 3 requests per 5 minutes
            # from the same &quot;unknown&quot; client
            id=RATE01 ;  client_name==unknown
@ -534,11 +525,6 @@ rule containing only an action statement:</p>
           # recipient count limit 3 per hour per client
           id=RCPT01 ;  protocol_state==END-OF-MESSAGE ;  client_address!=10.1.1.1
              action=rcpt(client_address/3/3600/450 4.7.1 sorry, max 3 recipients per hour)</pre>
 <pre>
        rate5321,size5321,rcpt5321 (&lt;item&gt;/&lt;max&gt;/&lt;time&gt;/&lt;action&gt;)
        same as the corresponding non-5321 functions, with the difference that the localpart of
        sender oder recipient addresses are evaluated case-sensitive according to rfc5321. That
        means that requests from bob@example.local and BoB@example.local will be treated differently</pre>
 <pre>
        ask (&lt;addr&gt;:&lt;port&gt;[:&lt;ignore&gt;])
        allows to delegate the policy decision to another policy service (e.g. postgrey). the first
@ -551,15 +537,9 @@ rule containing only an action statement:</p>
           id=GREY; client_address==10.1.1.1; action=ask(127.0.0.1:10031:^dunno$)</pre>
 <pre>
        mail(server/helo/from/to/subject/body)
        This command is deprecated. You should try to use the sendmail() action instead.
        Very basic mail command, that sends a message with the given arguments. LIMITATIONS:
        This basically performs a telnet. No authentication or TLS are available. Additionally it does
        not track notification state and will notify you any time, the corresponding rule hits.</pre>
 <pre>
        sendmail(sendmail-path::from::to::subject::body)
        Mail command, that uses an existing sendmail binary and sends a message with the given arguments.
        LIMITATIONS: The command does not track notification state and will notify you any time, the
        corresponding rule hits (which could mean 100 mails for a mail with 100 recipients at RCPT stage).</pre>
 <pre>
        wait (&lt;delay&gt;)
        pauses the program execution for &lt;delay&gt; seconds. use this for
@ -700,10 +680,6 @@ will be used.</p>
                                        $myresult = ($myitem &lt;= $val);
                                } elsif ($cmp eq '=&gt;') {
                                        $myresult = ($myitem &gt;= $val);
                                } elsif ($cmp eq '&lt;') {
                                        $myresult = ($myitem &lt; $val);
                                } elsif ($cmp eq '&gt;') {
                                        $myresult = ($myitem &gt; $val);
                                } elsif ($cmp eq '!=') {
                                        $myresult = not($myitem == $val);
                                } elsif ($cmp eq '!&lt;') {
@ -733,15 +709,15 @@ continue or to stop parsing the ruleset.</p>
                        # note(&lt;logstring&gt;) command
                        &quot;note&quot;  =&gt; sub {
                                my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-                                my($myaction) = 'dunno'; my($stop) = 0;
+                                my($myaction) = $default_action; my($stop) = 0;
-                                log_info &quot;[RULES] &quot;.$myline.&quot; - note: &quot;.$myarg if $myarg;
+                                mylogs 'info', &quot;[RULES] &quot;.$myline.&quot; - note: &quot;.$myarg if $myarg;
                                return ($stop,$index,$myaction,$myline,%request);
                        },
                        # skips next &lt;myarg&gt; rules
                        &quot;skip&quot; =&gt; sub {
                                my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-                                my($myaction) = 'dunno'; my($stop) = 0;
+                                my($myaction) = $default_action; my($stop) = 0;
                                $index += $myarg if ( $myarg and not(($index + $myarg) &gt; $#Rules) );
                                return ($stop,$index,$myaction,$myline,%request);
                        },
@ -749,8 +725,8 @@ continue or to stop parsing the ruleset.</p>
                        # dumps current request contents to syslog
                        &quot;dumprequest&quot; =&gt; sub {
                                my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-                                my($myaction) = 'dunno'; my($stop) = 0;
+                                my($myaction) = $default_action; my($stop) = 0;
-                                map { log_info &quot;[DUMP] rule=$index, Attribute: $_=$request{$_}&quot; } (keys %request);
+                                map { mylogs 'info', &quot;[DUMP] rule=$index, Attribute: $_=$request{$_}&quot; } (keys %request);
                                return ($stop,$index,$myaction,$myline,%request);
                        },</pre>
 <pre>
@ -1003,10 +979,7 @@ The following arguments will control it's behaviour in this case.</p>
        Once a ratelimit was set by the ruleset, future requests will be evaluated against it
        before consulting the ruleset. This mode was the default behaviour until v1.30.
        With this mode rate limits will be faster, but also eventually set up
-        whitelisting-rules within the ruleset might not work as expected.
+        whitelisting-rules within the ruleset might not work as expected.</pre>
        LIMITATIONS: This option does not allow nested postfwd commands like
                action=rate(sender/3/60/wait(3))
        This option doe not work with the strict-rfc5321 rate() functions.</pre>
 <p><em>Informational arguments</em></p>
 <p>These arguments are for command line usage only. Never ever use them with postfix spawn!</p>
 <pre>
@ -1220,7 +1193,7 @@ check the parser with the -C | --showconfig switch at the command line before ap
        Rule   0: id-&gt;&quot;RBL001&quot;; action-&gt;&quot;REJECT listed on spamcop and bad rdns&quot;; rbl-&gt;&quot;bl.spamcop.net&quot;; client_name-&gt;&quot;^unknown$&quot;</pre>
 <p><em>Request processing</em></p>
 <p>When a policy delegation request arrives it will be compared against postfwd`s ruleset. To inspect the processing in detail you should increase
-verbority using use the &quot;-v&quot; or &quot;-vv&quot; switch. &quot;-L&quot; redirects log messages to stdout.</p>
+verbority using use the ``-v'' or ``-vv'' switch. ``-L'' redirects log messages to stdout.</p>
 <p>Keeping the order of the ruleset in general, items will be compared in random order, which basically means that</p>
 <pre>
        id=R001; action=dunno; client_address=192.168.1.1; sender=bob@alice.local</pre>
@ -1259,7 +1232,7 @@ to compare against the request attribute the parser will jump to the next rule i
 <p>If a rule matches, there are two options:</p>
 <p>* Rule returns postfix action (dunno, reject, ...)
 The parser stops rule processing and returns the action to postfix. Other rules will not be evaluated.</p>
-<p>* Rule returns postfwd action (jump(), <code>note()</code>, ...)
+<p>* Rule returns postfwd action (jump(), note(), ...)
 The parser evaluates the given action and continues with the next rule (except for the <code>jump()</code> or <code>quit()</code> actions - please see the <a href="#actions">ACTIONS</a> section
 for more information). Nothing will be sent to postfix.</p>
 <p>If no rule has matched and the end of the ruleset is reached postfwd will return dunno without logging anything unless in verbose mode. You may
@ -1279,7 +1252,7 @@ it`s internal caching in that case. Start postfwd with the following parameters:
        postfwd -d -f /etc/postfwd.cf -i 127.0.0.1 -p 10040 -u nobody -g nobody -S</pre>
 <p>For efficient caching you should check if you can use the options --cache-rdomain-only, --cache-no-sender
 and --cache-no-size.</p>
-<p>Now check your syslogs (default facility &quot;mail&quot;) for a line like:</p>
+<p>Now check your syslogs (default facility ``mail'') for a line like:</p>
 <pre>
        Aug  9 23:00:24 mail postfwd[5158]: postfwd n.nn ready for input</pre>
 <p>and use `netstat -an|grep 10040` to check for something like</p>
@ -1334,7 +1307,7 @@ I won`t discuss that here. If you plan to do so, just add the following line to
                disable         = no
        }</pre>
 <p>and restart the xinetd daemon (usually a SIGHUP should be fine). If you experience problems
-you might want to check your system's log for xinetd errors like &quot;socket already in use&quot;.</p>
+you might want to check your system's log for xinetd errors like ``socket already in use''.</p>
 <p>The integration with postfix is similar to the <em>Integration via daemon mode</em> section above.
 Reload postfix and watch your logs to see if everything works.</p>
 <p>
--- a/doc/postfwd.txt
+++ b/doc/postfwd.txt
@ -66,7 +66,6 @@ SYNOPSIS
                --keep_rates             do not clear rate limit counters on reload
                --save_rates <file>      save and load rate limits on disk
                --fast_limit_evaluation  evaluate rate limits before ruleset is parsed
                                         (please note the limitations)
            Plugins:
                --plugins <file>        loads postfwd plugins from file
@ -134,8 +133,6 @@ DESCRIPTION
             ITEM == VALUE                true if ITEM equals VALUE
             ITEM => VALUE                true if ITEM >= VALUE
             ITEM =< VALUE                true if ITEM <= VALUE
             ITEM >  VALUE                true if ITEM >  VALUE
             ITEM <  VALUE                true if ITEM <  VALUE
             ITEM =~ VALUE                true if ITEM ~= /^VALUE$/i
             ITEM != VALUE                false if ITEM equals VALUE
             ITEM !> VALUE                false if ITEM >= VALUE
@ -460,7 +457,7 @@ DESCRIPTION
            -- FILE /etc/postfwd/clients_west.cf --
            192.168.3.0/24
-    Note that there is currently no loop detection (/a/file calls /a/file)
+    Remind that there is currently no loop detection (/a/file calls /a/file)
    and that this feature is only available with postfwd1 v1.15 and postfwd2
    v0.18 and higher.
@ -523,7 +520,7 @@ DESCRIPTION
            this command creates a counter for the given <item>, which will be increased any time a request
            containing it arrives. if it exceeds <max> within <time> seconds it will return <action> to postfix.
            rate counters are very fast as they are executed before the ruleset is parsed.
-            please note that <action> was limited to postfix actions (no postfwd actions) for postfwd versions <1.33!
+            please note that <action> is currently limited to postfix actions (no postfwd actions)!
                # no more than 3 requests per 5 minutes
                # from the same "unknown" client
                id=RATE01 ;  client_name==unknown
@ -555,11 +552,6 @@ DESCRIPTION
               id=RCPT01 ;  protocol_state==END-OF-MESSAGE ;  client_address!=10.1.1.1
                  action=rcpt(client_address/3/3600/450 4.7.1 sorry, max 3 recipients per hour)
            rate5321,size5321,rcpt5321 (<item>/<max>/<time>/<action>)
            same as the corresponding non-5321 functions, with the difference that the localpart of
            sender oder recipient addresses are evaluated case-sensitive according to rfc5321. That
            means that requests from bob@example.local and BoB@example.local will be treated differently
            ask (<addr>:<port>[:<ignore>])
            allows to delegate the policy decision to another policy service (e.g. postgrey). the first
            and the second argument (address and port) are mandatory. a third optional argument may be
@ -571,16 +563,10 @@ DESCRIPTION
               id=GREY; client_address==10.1.1.1; action=ask(127.0.0.1:10031:^dunno$)
            mail(server/helo/from/to/subject/body)
            This command is deprecated. You should try to use the sendmail() action instead.
            Very basic mail command, that sends a message with the given arguments. LIMITATIONS:
            This basically performs a telnet. No authentication or TLS are available. Additionally it does
            not track notification state and will notify you any time, the corresponding rule hits.
            sendmail(sendmail-path::from::to::subject::body)
            Mail command, that uses an existing sendmail binary and sends a message with the given arguments.
            LIMITATIONS: The command does not track notification state and will notify you any time, the
            corresponding rule hits (which could mean 100 mails for a mail with 100 recipients at RCPT stage).
            wait (<delay>)
            pauses the program execution for <delay> seconds. use this for
            delaying or throtteling connections.
@ -738,10 +724,6 @@ DESCRIPTION
                                            $myresult = ($myitem <= $val);
                                    } elsif ($cmp eq '=>') {
                                            $myresult = ($myitem >= $val);
                                    } elsif ($cmp eq '<') {
                                            $myresult = ($myitem < $val);
                                    } elsif ($cmp eq '>') {
                                            $myresult = ($myitem > $val);
                                    } elsif ($cmp eq '!=') {
                                            $myresult = not($myitem == $val);
                                    } elsif ($cmp eq '!<') {
@ -773,15 +755,15 @@ DESCRIPTION
                            # note(<logstring>) command
                            "note"  => sub {
                                    my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-                                    my($myaction) = 'dunno'; my($stop) = 0;
+                                    my($myaction) = $default_action; my($stop) = 0;
-                                    log_info "[RULES] ".$myline." - note: ".$myarg if $myarg;
+                                    mylogs 'info', "[RULES] ".$myline." - note: ".$myarg if $myarg;
                                    return ($stop,$index,$myaction,$myline,%request);
                            },
                            # skips next <myarg> rules
                            "skip" => sub {
                                    my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-                                    my($myaction) = 'dunno'; my($stop) = 0;
+                                    my($myaction) = $default_action; my($stop) = 0;
                                    $index += $myarg if ( $myarg and not(($index + $myarg) > $#Rules) );
                                    return ($stop,$index,$myaction,$myline,%request);
                            },
@ -789,8 +771,8 @@ DESCRIPTION
                            # dumps current request contents to syslog
                            "dumprequest" => sub {
                                    my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-                                    my($myaction) = 'dunno'; my($stop) = 0;
+                                    my($myaction) = $default_action; my($stop) = 0;
-                                    map { log_info "[DUMP] rule=$index, Attribute: $_=$request{$_}" } (keys %request);
+                                    map { mylogs 'info', "[DUMP] rule=$index, Attribute: $_=$request{$_}" } (keys %request);
                                    return ($stop,$index,$myaction,$myline,%request);
                            },
@ -1056,9 +1038,6 @@ DESCRIPTION
            before consulting the ruleset. This mode was the default behaviour until v1.30.
            With this mode rate limits will be faster, but also eventually set up
            whitelisting-rules within the ruleset might not work as expected.
            LIMITATIONS: This option does not allow nested postfwd commands like
                    action=rate(sender/3/60/wait(3))
            This option doe not work with the strict-rfc5321 rate() functions.
    *Informational arguments*
--- a/doc/postfwd2.CHANGELOG
+++ b/doc/postfwd2.CHANGELOG
@ -1,41 +1,3 @@
 postfwd2 1.35
 =============
 - code:    rate(), size() and rcpt() function index is now case insensitive by default
           (same limit counters for from@example.org and fRom@eXample.org)
           if you need to treat the localpart case-sensitive according to rfc5321
           you may use rate5321(), size5321() and rcpt5321().
 - bugfix:  fixed segfault when using new perl versions (prevented to work with upstart)
 postfwd2 1.34
 =============
 - bugfix:  fixed taint mode logging error for verbose --showconfig and --stdoutlog
           options and newer perl versions.
 - bugfix:  check_* functions use print/getline instead of send/recv for large
           --dumpcache output (thanks to Alexandre Simon)
 - code:    added more information when using --debug=cleanup
 - docs:    documentation updates
 - feature: new sendmail(sendmail-path::from::to::subject::body) action.
           Please take a look at the manual, especially about
           it's limitations, before using it!
    ------------------------------------------------------------
     # alert
     action=sendmail(/usr/sbin/sendmail::from@example.org::to@example.org::Subject::Text)
    ------------------------------------------------------------
 postfwd2 1.33
 =============
 - feature: new compare operators *
        ====================================================================
         ITEM > VALUE                true if ITEM > VALUE
         ITEM < VALUE                true if ITEM < VALUE
        ====================================================================
 - bugfix:  fixed bug when computing scores with more than 1 digit after the "." (n.nn)
 - bugfix:  fixed bug when computing negative values with the set action
 - bugfix:  ITEMS plugins returning zero values were handled incorrectly
 - bugfix:  max command recursion was not reset for each rule
 - bugfix:  fixed warning about use of (uninitialized value) when STORABLE is available
           but no cache file was defined
 postfwd2 1.32
 =============
 - feature: new option --save_rates=<file> allows to load and save
--- a/doc/postfwd2.html
+++ b/doc/postfwd2.html
@ -1,18 +1,14 @@
 <?xml version="1.0" ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <title>postfwd2 - postfix firewall daemon</title>
 <meta http-equiv="content-type" content="text/html; charset=utf-8" />
 <link rev="made" href="mailto:root@localhost" />
 </head>
 <body style="background-color: white">
 <!-- INDEX BEGIN -->
 <div name="index">
 <p><a name="__index__"></a></p>
 <!-- INDEX BEGIN -->
 <ul>
@ -42,11 +38,9 @@
 	<li><a href="#license">LICENSE</a></li>
 	<li><a href="#author">AUTHOR</a></li>
 </ul>
 <hr name="index" />
 </div>
 <!-- INDEX END -->
 <hr />
 <p>
 </p>
 <h1><a name="name">NAME</a></h1>
@ -131,8 +125,7 @@
            --config_timeout &lt;i&gt;        parser timeout in seconds
            --keep_rates                do not clear rate limit counters on reload
            --save_rates &lt;file&gt;         save and load rate limits on disk
-            --fast_limit_evaluation     evaluate rate limits before ruleset is parsed
+            --fast_limit_evaluation     evaluate rate limits before ruleset is parsed</pre>
                                        (please note the limitations)</pre>
 <pre>
        Plugins:
            --plugins &lt;file&gt;            loads postfwd plugins from file</pre>
@ -201,8 +194,6 @@ is not important. So the following would lead to the same result as the previous
         ITEM == VALUE                true if ITEM equals VALUE
         ITEM =&gt; VALUE                true if ITEM &gt;= VALUE
         ITEM =&lt; VALUE                true if ITEM &lt;= VALUE
         ITEM &gt;  VALUE                true if ITEM &gt;  VALUE
         ITEM &lt;  VALUE                true if ITEM &lt;  VALUE
         ITEM =~ VALUE                true if ITEM ~= /^VALUE$/i
         ITEM != VALUE                false if ITEM equals VALUE
         ITEM !&gt; VALUE                false if ITEM &gt;= VALUE
@ -480,7 +471,7 @@ necessary. Of course this might increase the system load, so please use it with
 <pre>
        -- FILE /etc/postfwd/clients_west.cf --
        192.168.3.0/24</pre>
-<p>Note that there is currently no loop detection (/a/file calls /a/file) and that this feature is only available
+<p>Remind that there is currently no loop detection (/a/file calls /a/file) and that this feature is only available
 with postfwd1 v1.15 and postfwd2 v0.18 and higher.</p>
 <p>
 </p>
@ -494,7 +485,7 @@ request attributes by preceeding $$ characters, like:</p>
        id=R-003; client_name = !!$$helo_name; action=WARN helo '$$(helo_name)' does not match DNS '$$(client_name)'</pre>
 <p><em>postfix actions</em></p>
 <p>Actions will be replied to postfix as result to policy delegation requests. Any action that postfix understands is allowed - see
-&quot;man 5 access&quot; or <a href="http://www.postfix.org/access.5.html">http://www.postfix.org/access.5.html</a> for a description. If no action is specified, the postfix WARN action
+``man 5 access'' or <a href="http://www.postfix.org/access.5.html">http://www.postfix.org/access.5.html</a> for a description. If no action is specified, the postfix WARN action
 which simply logs the event will be used for the corresponding rule.</p>
 <p>postfwd2 will return dunno if it has reached the end of the ruleset and no rule has matched. This can be changed by placing a last
 rule containing only an action statement:</p>
@ -532,7 +523,7 @@ rule containing only an action statement:</p>
        this command creates a counter for the given &lt;item&gt;, which will be increased any time a request
        containing it arrives. if it exceeds &lt;max&gt; within &lt;time&gt; seconds it will return &lt;action&gt; to postfix.
        rate counters are very fast as they are executed before the ruleset is parsed.
-        please note that &lt;action&gt; was limited to postfix actions (no postfwd actions) for postfwd versions &lt;1.33!
+        please note that &lt;action&gt; is currently limited to postfix actions (no postfwd actions)!
            # no more than 3 requests per 5 minutes
            # from the same &quot;unknown&quot; client
            id=RATE01 ;  client_name==unknown
@ -554,11 +545,6 @@ rule containing only an action statement:</p>
           # recipient count limit 3 per hour per client
           id=RCPT01 ;  protocol_state==END-OF-MESSAGE ;  client_address==!!(10.1.1.1)
              action=rcpt(client_address/3/3600/450 4.7.1 sorry, max 3 recipients per hour)</pre>
 <pre>
        rate5321,size5321,rcpt5321 (&lt;item&gt;/&lt;max&gt;/&lt;time&gt;/&lt;action&gt;)
        same as the corresponding non-5321 functions, with the difference that the localpart of
        sender oder recipient addresses are evaluated case-sensitive according to rfc5321. That
        means that requests from bob@example.local and BoB@example.local will be treated differently</pre>
 <pre>
        ask (&lt;addr&gt;:&lt;port&gt;[:&lt;ignore&gt;])
        allows to delegate the policy decision to another policy service (e.g. postgrey). the first
@ -571,15 +557,9 @@ rule containing only an action statement:</p>
           id=GREY; client_address==10.1.1.1; action=ask(127.0.0.1:10031:^dunno$)</pre>
 <pre>
        mail(server/helo/from/to/subject/body)
        This command is deprecated. You should try to use the sendmail() action instead.
        Very basic mail command, that sends a message with the given arguments. LIMITATIONS:
        This basically performs a telnet. No authentication or TLS are available. Additionally it does
        not track notification state and will notify you any time, the corresponding rule hits.</pre>
 <pre>
        sendmail(sendmail-path::from::to::subject::body)
        Mail command, that uses an existing sendmail binary and sends a message with the given arguments.
        LIMITATIONS: The command does not track notification state and will notify you any time, the
        corresponding rule hits (which could mean 100 mails for a mail with 100 recipients at RCPT stage).</pre>
 <pre>
        wait (&lt;delay&gt;)
        pauses the program execution for &lt;delay&gt; seconds. use this for
@ -720,10 +700,6 @@ will be used.</p>
                                        $myresult = ($myitem &lt;= $val);
                                } elsif ($cmp eq '=&gt;') {
                                        $myresult = ($myitem &gt;= $val);
                                } elsif ($cmp eq '&lt;') {
                                        $myresult = ($myitem &lt; $val);
                                } elsif ($cmp eq '&gt;') {
                                        $myresult = ($myitem &gt; $val);
                                } elsif ($cmp eq '!=') {
                                        $myresult = not($myitem == $val);
                                } elsif ($cmp eq '!&lt;') {
@ -753,15 +729,15 @@ continue or to stop parsing the ruleset.</p>
                        # note(&lt;logstring&gt;) command
                        &quot;note&quot;  =&gt; sub {
                                my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-                                my($myaction) = 'dunno'; my($stop) = 0;
+                                my($myaction) = $default_action; my($stop) = 0;
-                                log_info &quot;[RULES] &quot;.$myline.&quot; - note: &quot;.$myarg if $myarg;
+                                mylogs 'info', &quot;[RULES] &quot;.$myline.&quot; - note: &quot;.$myarg if $myarg;
                                return ($stop,$index,$myaction,$myline,%request);
                        },
                        # skips next &lt;myarg&gt; rules
                        &quot;skip&quot; =&gt; sub {
                                my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-                                my($myaction) = 'dunno'; my($stop) = 0;
+                                my($myaction) = $default_action; my($stop) = 0;
                                $index += $myarg if ( $myarg and not(($index + $myarg) &gt; $#Rules) );
                                return ($stop,$index,$myaction,$myline,%request);
                        },
@ -769,8 +745,8 @@ continue or to stop parsing the ruleset.</p>
                        # dumps current request contents to syslog
                        &quot;dumprequest&quot; =&gt; sub {
                                my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-                                my($myaction) = 'dunno'; my($stop) = 0;
+                                my($myaction) = $default_action; my($stop) = 0;
-                                map { log_info &quot;[DUMP] rule=$index, Attribute: $_=$request{$_}&quot; } (keys %request);
+                                map { mylogs 'info', &quot;[DUMP] rule=$index, Attribute: $_=$request{$_}&quot; } (keys %request);
                                return ($stop,$index,$myaction,$myline,%request);
                        },</pre>
 <pre>
@ -1002,10 +978,7 @@ The following arguments will control it's behaviour in this case.</p>
        Once a ratelimit was set by the ruleset, future requests will be evaluated against it
        before consulting the ruleset. This mode was the default behaviour until v1.30.
        With this mode rate limits will be faster, but also eventually set up
-        whitelisting-rules within the ruleset might not work as expected.
+        whitelisting-rules within the ruleset might not work as expected.</pre>
        LIMITATIONS: This option does not allow nested postfwd commands like
                action=rate(sender/3/60/wait(3))
        This option doe not work with the strict-rfc5321 rate() functions.</pre>
 <p><em>Informational arguments</em></p>
 <p>These arguments are for command line usage only. Never ever use them with postfix!</p>
 <pre>
@ -1242,7 +1215,7 @@ check the parser with the -C | --showconfig switch at the command line before ap
        Rule   0: id-&gt;&quot;RBL001&quot;; action-&gt;&quot;REJECT listed on spamcop and bad rdns&quot;; rbl-&gt;&quot;bl.spamcop.net&quot;; client_name-&gt;&quot;^unknown$&quot;</pre>
 <p><em>Request processing</em></p>
 <p>When a policy delegation request arrives it will be compared against postfwd`s ruleset. To inspect the processing in detail you should increase
-verbority using use the &quot;-v&quot; or &quot;-vv&quot; switch. &quot;-L&quot; redirects log messages to stdout.</p>
+verbority using use the ``-v'' or ``-vv'' switch. ``-L'' redirects log messages to stdout.</p>
 <p>Keeping the order of the ruleset in general, items will be compared in random order, which basically means that</p>
 <pre>
        id=R001; action=dunno; client_address=192.168.1.1; sender=bob@alice.local</pre>
@ -1281,7 +1254,7 @@ to compare against the request attribute the parser will jump to the next rule i
 <p>If a rule matches, there are two options:</p>
 <p>* Rule returns postfix action (dunno, reject, ...)
 The parser stops rule processing and returns the action to postfix. Other rules will not be evaluated.</p>
-<p>* Rule returns postfwd2 action (jump(), <code>note()</code>, ...)
+<p>* Rule returns postfwd2 action (jump(), note(), ...)
 The parser evaluates the given action and continues with the next rule (except for the <code>jump()</code> or <code>quit()</code> actions - please see the <a href="#actions">ACTIONS</a> section
 for more information). Nothing will be sent to postfix.</p>
 <p>If no rule has matched and the end of the ruleset is reached postfwd2 will return dunno without logging anything unless in verbose mode. You may
@ -1310,7 +1283,7 @@ the prefered way to use postfwd2 in high volume environments. Start postfwd2 wit
        postfwd2 -d -f /etc/postfwd.cf -i 127.0.0.1 -p 10045 -u nobody -g nobody -S</pre>
 <p>For efficient caching you should check if you can use the options --cacheid, --cache-rdomain-only,
 --cache-no-sender and --cache-no-size.</p>
-<p>Now check your syslogs (default facility &quot;mail&quot;) for a line like:</p>
+<p>Now check your syslogs (default facility ``mail'') for a line like:</p>
 <pre>
        Aug  9 23:00:24 mail postfwd[5158]: postfwd2 n.nn ready for input</pre>
 <p>and use `netstat -an|grep 10045` to check for something like</p>
--- a/doc/postfwd2.txt
+++ b/doc/postfwd2.txt
@ -79,8 +79,6 @@ SYNOPSIS
                --keep_rates                do not clear rate limit counters on reload
                --save_rates <file>         save and load rate limits on disk
                --fast_limit_evaluation     evaluate rate limits before ruleset is parsed
                                            (please note the limitations)
            Plugins:
                --plugins <file>            loads postfwd plugins from file
@ -163,8 +161,6 @@ DESCRIPTION
             ITEM == VALUE                true if ITEM equals VALUE
             ITEM => VALUE                true if ITEM >= VALUE
             ITEM =< VALUE                true if ITEM <= VALUE
             ITEM >  VALUE                true if ITEM >  VALUE
             ITEM <  VALUE                true if ITEM <  VALUE
             ITEM =~ VALUE                true if ITEM ~= /^VALUE$/i
             ITEM != VALUE                false if ITEM equals VALUE
             ITEM !> VALUE                false if ITEM >= VALUE
@ -489,7 +485,7 @@ DESCRIPTION
            -- FILE /etc/postfwd/clients_west.cf --
            192.168.3.0/24
-    Note that there is currently no loop detection (/a/file calls /a/file)
+    Remind that there is currently no loop detection (/a/file calls /a/file)
    and that this feature is only available with postfwd1 v1.15 and postfwd2
    v0.18 and higher.
@ -552,7 +548,7 @@ DESCRIPTION
            this command creates a counter for the given <item>, which will be increased any time a request
            containing it arrives. if it exceeds <max> within <time> seconds it will return <action> to postfix.
            rate counters are very fast as they are executed before the ruleset is parsed.
-            please note that <action> was limited to postfix actions (no postfwd actions) for postfwd versions <1.33!
+            please note that <action> is currently limited to postfix actions (no postfwd actions)!
                # no more than 3 requests per 5 minutes
                # from the same "unknown" client
                id=RATE01 ;  client_name==unknown
@ -575,11 +571,6 @@ DESCRIPTION
               id=RCPT01 ;  protocol_state==END-OF-MESSAGE ;  client_address==!!(10.1.1.1)
                  action=rcpt(client_address/3/3600/450 4.7.1 sorry, max 3 recipients per hour)
            rate5321,size5321,rcpt5321 (<item>/<max>/<time>/<action>)
            same as the corresponding non-5321 functions, with the difference that the localpart of
            sender oder recipient addresses are evaluated case-sensitive according to rfc5321. That
            means that requests from bob@example.local and BoB@example.local will be treated differently
            ask (<addr>:<port>[:<ignore>])
            allows to delegate the policy decision to another policy service (e.g. postgrey). the first
            and the second argument (address and port) are mandatory. a third optional argument may be
@ -591,16 +582,10 @@ DESCRIPTION
               id=GREY; client_address==10.1.1.1; action=ask(127.0.0.1:10031:^dunno$)
            mail(server/helo/from/to/subject/body)
            This command is deprecated. You should try to use the sendmail() action instead.
            Very basic mail command, that sends a message with the given arguments. LIMITATIONS:
            This basically performs a telnet. No authentication or TLS are available. Additionally it does
            not track notification state and will notify you any time, the corresponding rule hits.
            sendmail(sendmail-path::from::to::subject::body)
            Mail command, that uses an existing sendmail binary and sends a message with the given arguments.
            LIMITATIONS: The command does not track notification state and will notify you any time, the
            corresponding rule hits (which could mean 100 mails for a mail with 100 recipients at RCPT stage).
            wait (<delay>)
            pauses the program execution for <delay> seconds. use this for
            delaying or throtteling connections.
@ -758,10 +743,6 @@ DESCRIPTION
                                            $myresult = ($myitem <= $val);
                                    } elsif ($cmp eq '=>') {
                                            $myresult = ($myitem >= $val);
                                    } elsif ($cmp eq '<') {
                                            $myresult = ($myitem < $val);
                                    } elsif ($cmp eq '>') {
                                            $myresult = ($myitem > $val);
                                    } elsif ($cmp eq '!=') {
                                            $myresult = not($myitem == $val);
                                    } elsif ($cmp eq '!<') {
@ -793,15 +774,15 @@ DESCRIPTION
                            # note(<logstring>) command
                            "note"  => sub {
                                    my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-                                    my($myaction) = 'dunno'; my($stop) = 0;
+                                    my($myaction) = $default_action; my($stop) = 0;
-                                    log_info "[RULES] ".$myline." - note: ".$myarg if $myarg;
+                                    mylogs 'info', "[RULES] ".$myline." - note: ".$myarg if $myarg;
                                    return ($stop,$index,$myaction,$myline,%request);
                            },
                            # skips next <myarg> rules
                            "skip" => sub {
                                    my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-                                    my($myaction) = 'dunno'; my($stop) = 0;
+                                    my($myaction) = $default_action; my($stop) = 0;
                                    $index += $myarg if ( $myarg and not(($index + $myarg) > $#Rules) );
                                    return ($stop,$index,$myaction,$myline,%request);
                            },
@ -809,8 +790,8 @@ DESCRIPTION
                            # dumps current request contents to syslog
                            "dumprequest" => sub {
                                    my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-                                    my($myaction) = 'dunno'; my($stop) = 0;
+                                    my($myaction) = $default_action; my($stop) = 0;
-                                    map { log_info "[DUMP] rule=$index, Attribute: $_=$request{$_}" } (keys %request);
+                                    map { mylogs 'info', "[DUMP] rule=$index, Attribute: $_=$request{$_}" } (keys %request);
                                    return ($stop,$index,$myaction,$myline,%request);
                            },
@ -1054,9 +1035,6 @@ DESCRIPTION
            before consulting the ruleset. This mode was the default behaviour until v1.30.
            With this mode rate limits will be faster, but also eventually set up
            whitelisting-rules within the ruleset might not work as expected.
            LIMITATIONS: This option does not allow nested postfwd commands like
                    action=rate(sender/3/60/wait(3))
            This option doe not work with the strict-rfc5321 rate() functions.
    *Informational arguments*
--- a/man/man8/postfwd.8
+++ b/man/man8/postfwd.8
--- a/man/man8/postfwd2.8
+++ b/man/man8/postfwd2.8
--- a/plugins/postfwd.plugins.sample
+++ b/plugins/postfwd.plugins.sample
@ -137,15 +137,15 @@
 	#	# note(<logstring>) command
 	#	"note"  => sub {
 	#		my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-	#		my($myaction) = 'dunno'; my($stop) = 0;
+	#		my($myaction) = $default_action; my($stop) = 0;
-	#		log_info ("[RULES] ".$myline." - note: ".$myarg) if $myarg;
+	#		mylogs 'info', "[RULES] ".$myline." - note: ".$myarg if $myarg;
 	#		return ($stop,$index,$myaction,$myline,%request);
 	#	},
 	#
 	#	# skips next <myarg> rules
        #	"skip" => sub {
 	#		my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-	#		my($myaction) = 'dunno'; my($stop) = 0;
+	#		my($myaction) = $default_action; my($stop) = 0;
 	#		$index += $myarg if ( $myarg and not(($index + $myarg) > $#Rules) );
 	#		return ($stop,$index,$myaction,$myline,%request);
        #	},
@ -153,8 +153,8 @@
 	#	# dumps current request contents to syslog
        #	"dumprequest" => sub {
 	#		my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-	#		my($myaction) = 'dunno'; my($stop) = 0;
+	#		my($myaction) = $default_action; my($stop) = 0;
-	#		map { log_info ("[DUMP] rule=$index, Attribute: $_=$request{$_}") } (keys %request);
+	#		map { mylogs 'info', "[DUMP] rule=$index, Attribute: $_=$request{$_}" } (keys %request);
 	#		return ($stop,$index,$myaction,$myline,%request);
        #	},
--- a/sbin/postfwd
+++ b/sbin/postfwd
--- a/sbin/postfwd2
+++ b/sbin/postfwd2
@ -34,7 +34,7 @@ BEGIN {
 # basics
 our $NAME	= "postfwd2";
-our $VERSION	= "1.35";
+our $VERSION	= "1.32";
 our $DEFAULT	= 'DUNNO';
 # change this, to match your POD requirements
@ -75,6 +75,7 @@ our %postfwd_settings = (
 		proto		 => (($nounixsock) ? "tcp" : "unix"),
 		check		 => (($nounixsock) ? \&check_inet : \&check_unix),
 		umask		 => "0177",
 		recvbuffer	 => 65535,
 	},
 	server => {
 		commandline	 => " ".$NAME."::policy",
@ -84,6 +85,7 @@ our %postfwd_settings = (
 		proto            => "tcp",
 		check		 => \&check_inet,
 		umask		 => "0111",
 		recvbuffer	 => 65535,
 		# child control
 		#check_for_dead         => 30,
 		#check_for_waiting      => 10,
@ -297,8 +299,8 @@ sub mylogs_new {
 # Syslog to stdout
 sub mylogs_stdout {
-	my($prio,$msg) = @_; $msg =~ /^(.*)$/;
+	my($prio,$msg) = @_;
-	printf STDOUT "[LOG $prio]: $1\n", @_;
+	printf STDOUT "[LOG $prio]: $msg\n", @_;
 };
 # send log message
@ -343,8 +345,8 @@ sub check_inet {
 		Proto    => 'tcp',
 		Timeout  => $postfwd_settings{timeout}{$type},
 		Type     => SOCK_STREAM ) ) {
-		$socket->print("$send\n");
+		$socket->send("$send\n");
-		$send = $socket->getline();
+		$socket->recv($send, $postfwd_settings{$type}{recvbuffer});
 		$socket->close();
 		chomp($send);
 	} else {
@ -361,8 +363,8 @@ sub check_unix {
 		Peer     => $postfwd_settings{$type}{port},
 		Timeout  => $postfwd_settings{timeout}{$type},
 		Type     => SOCK_STREAM ) ) {
-		$socket->print("$send\n");
+		$socket->send("$send\n");
-		$send = $socket->getline();
+		$socket->recv($send, $postfwd_settings{$type}{recvbuffer});
 		$socket->close();
 		chomp($send);
 	} else {
@ -636,7 +638,6 @@ sub cleanup_cache {
 # saves rate limits to disk
 sub save_rates {
    return unless ($STORABLE and $postfwd_settings{rate}{store} and defined $Cache{rate});
    cleanup_cache ('rate', time());
    eval {
 	local $SIG{__DIE__} = sub { log_note ("ERROR: Could not store rate limits to ".$postfwd_settings{rate}{store}.": $! @_") };
 	store ($Cache{rate}, $postfwd_settings{rate}{store});
@ -650,7 +651,7 @@ sub save_rates {
 # loads rate limits from disk
 sub load_rates {
    my $loadrate = undef;
-    return unless ($STORABLE and $postfwd_settings{rate}{store} and (-f $postfwd_settings{rate}{store}));
+    return unless ($STORABLE and (-f $postfwd_settings{rate}{store}));
    eval {
 	local $SIG{__DIE__} = sub { log_note ("Could not load rate limits from ".$postfwd_settings{rate}{store}.": $! @_") };
 	$loadrate = retrieve($postfwd_settings{rate}{store});
@ -659,7 +660,6 @@ sub load_rates {
 	$Cache{rate} = $loadrate;
        log_info ("Fetched ".(scalar %{$Cache{rate}})." rates from ".$postfwd_settings{rate}{store})
                if wantsdebug(qw[ all verbose rates loadrates saverates ]);
 	cleanup_cache ('rate', time());
    };
 };
@ -880,7 +880,7 @@ my $COMP_HITS                 = "request_hits";
 # item match counter
 my $COMP_MATCHES              = "matches";
 # separator
-my $COMP_SEPARATOR            = "[=\~\<\>]=|[\<\>]|[=\!][=\~\<\>]|=";
+my $COMP_SEPARATOR            = "[=\~\<\>]=|[=\!][=\~\<\>]|=";
 # macros
 my $COMP_ACL                  = "[\&][\&]";
 # negation
@ -1141,7 +1141,7 @@ sub check_for_old_syntax {
  if ($mykey =~ /^action$/) {
    if ($myvalue =~ /^(\w[\-\w]+)\s*\(\s*(.*?)\s*\)$/) {
 	my($mycmd,$myarg) = ($1, $2);
-	if ($mycmd =~ /^(rate|size|rcpt)(5321)?$/i) {
+	if ($mycmd =~ /^(rate|size|rcpt)$/i) {
 	  if ($myarg =~ /^\$\$(.*)$/) {
 	    $myarg = $1;
 	    $myvalue = "$mycmd($myarg)";
@ -1630,7 +1630,7 @@ sub postfwd_items {
 	%result = (%result, &{$postfwd_items{$_}}((%request,%result)))
 		if (defined $postfwd_items{$_});
    };
-    map { $result{$_} = '' unless (defined $result{$_}); log_info ("[PLUGIN]  Added key: $_=$result{$_}") if wantsdebug (qw[ all thisrequest ]) } (keys %result);
+    map { $result{$_} = '' unless $result{$_}; log_info ("[PLUGIN]  Added key: $_=$result{$_}") if wantsdebug (qw[ all thisrequest ]) } (keys %result);
    return %result;
 };
 #
@ -1671,10 +1671,6 @@ sub postfwd_items {
                        $myresult = ($myitem <= $val);
                } elsif ($cmp eq '=>') {
                        $myresult = ($myitem >= $val);
                } elsif ($cmp eq '<') {
                        $myresult = ($myitem < $val);
                } elsif ($cmp eq '>') {
                        $myresult = ($myitem > $val);
                } elsif ($cmp eq '!=') {
                        $myresult = not($myitem == $val);
                } elsif ($cmp eq '!<') {
@ -1839,10 +1835,6 @@ sub postfwd_items {
 			$myresult = (($myitem || 0) >= $val);
 		} elsif ($cmp eq '!>') {
 			$myresult = not(($myitem || 0) >= $val);
 		} elsif ($cmp eq '<') {
 			$myresult = (($myitem || 0) < $val);
 		} elsif ($cmp eq '>') {
 			$myresult = (($myitem || 0) > $val);
 		} elsif ($cmp eq '=~') {
 			$myresult = ($myitem =~ /$val/i);
 		} elsif ($cmp eq '!~') {
@ -1903,13 +1895,13 @@ sub postfwd_items {
 					$m_val = $r_val;
 				} elsif ( ($mod eq '.=') or ($mod eq '=.') ) {
 					$m_val .= $r_val;
-				} elsif ( (($mod eq '+=') or ($mod eq '=+')) and (($m_val=~/^\-?\d+(\.\d+)?$/) and ($r_val=~/^\-?\d+(\.\d+)?$/)) ) {
+				} elsif ( (($mod eq '+=') or ($mod eq '=+')) and (($m_val=~/^\d+(\.\d+)?$/) and ($r_val=~/^\d+(\.\d+)?$/)) ) {
 					$m_val += $r_val;
-				} elsif ( (($mod eq '-=') or ($mod eq '=-')) and (($m_val=~/^\-?\d+(\.\d+)?$/) and ($r_val=~/^\-?\d+(\.\d+)?$/)) ) {
+				} elsif ( (($mod eq '-=') or ($mod eq '=-')) and (($m_val=~/^\d+(\.\d+)?$/) and ($r_val=~/^\d+(\.\d+)?$/)) ) {
 					$m_val -= $r_val;
-				} elsif ( (($mod eq '*=') or ($mod eq '=*')) and (($m_val=~/^\-?\d+(\.\d+)?$/) and ($r_val=~/^\-?\d+(\.\d+)?$/)) ) {
+				} elsif ( (($mod eq '*=') or ($mod eq '=*')) and (($m_val=~/^\d+(\.\d+)?$/) and ($r_val=~/^\d+(\.\d+)?$/)) ) {
 					$m_val *= $r_val;
-				} elsif ( (($mod eq '/=') or ($mod eq '=/')) and (($m_val=~/^\-?\d+(\.\d+)?$/) and ($r_val=~/^\-?\d+(\.\d+)?$/)) ) {
+				} elsif ( (($mod eq '/=') or ($mod eq '=/')) and (($m_val=~/^\d+(\.\d+)?$/) and ($r_val=~/^\d+(\.\d+)?$/)) ) {
 					$m_val /= (($r_val == 0) ? 1 : $r_val);
 				} else {
 					$m_val = $r_val;
@ -1932,7 +1924,7 @@ sub postfwd_items {
 		my($myaction) = $postfwd_settings{default}; my($stop) = 0;
 		my($score) = (defined $request{request_score}) ? $request{request_score} : 0;
 		if ($myarg =~/^([\+\-\*\/\=]?)(\d+)([\.,](\d+))?$/) {
-			my($mod, $val) = ($1, $2 + ((defined $4) ? "0.$4" : 0));
+			my($mod, $val) = ($1, $2 + ((defined $4) ? ($4 / 10) : 0));
 			if ($mod eq '-') {
 				$score -= $val;
 			} elsif ($mod eq '*') {
@ -1976,7 +1968,7 @@ sub postfwd_items {
 		);
 		if ( my $socket = IO::Socket::INET->new(
 			PeerAddr => $mserver,
-			PeerPort => ($mport ||= 25),
+			PeerPort => ($mport || 25),
 			Proto    => 'tcp',
 			Timeout  => 30,
 			Type     => SOCK_STREAM,
@ -1992,40 +1984,16 @@ sub postfwd_items {
 		};
 		return ($stop,$index,$myaction,$myline,%request);
 	},
 	# sendmail()
 	"sendmail" => sub {
 		my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
 		my($myaction) = $postfwd_settings{default}; my($stop) = 0;
 		my($mcmd,$mfrom,$mto,$msubject,$mbody) = split '::', $myarg, 5;
 		my($msg) = "From: $mfrom\nTo: $mto\nSubject: $msubject\n\n$mbody\n";
 		if ( (-x $mcmd) and open (SM, "| $mcmd -i -f $mfrom $mto") ) {
 			if ( print SM "$msg" ) {
 				log_info ("[SENDMAIL] ".$myline.", $mcmd from=<$mfrom>, to=<$mto>, subject=<$msubject>");
 			} else {
 				log_note ("[SENDMAIL] ".$myline.", could not print to $mcmd pipe: '$!'");
 			};
 			close(SM);
 		} else {
 			log_note ("[SENDMAIL] ".$myline.", could not open pipe to $mcmd: '$!'");
 		};
 		return ($stop,$index,$myaction,$myline,%request);
 	},
 	# rate() command
 	"rate"	=> sub {
 		my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
 		my($myaction) = $postfwd_settings{default}; my($stop) = 0; my $prate = '';
 		my($ratetype,$ratecount,$ratetime,$ratecmd) = split "/", $myarg, 4;
-		my($rcount) = ( ($mycmd =~ /^size/) ? $request{size} : (($mycmd =~ /^rcpt/) ? $request{recipient_count} : 1 ) );
+		my($rcount) = ( ($mycmd eq 'size') ? $request{size} : (($mycmd eq 'rcpt') ? $request{recipient_count} : 1 ) );
 		if ($ratetype and $ratecount and $ratetime and $ratecmd and $rcount) {
 		  my $crate = $Rules[$index]{$COMP_ID}.'+'.$ratecount.'_'.$ratetime;
 		  if ( defined $request{$ratetype} ) {
-                        my $r = $request{$ratetype};
+			$ratetype .= "=".$request{$ratetype};
                        unless ($mycmd =~ /5321$/) {
                                $r = lc($r);
                        } else {
                                $r = ($r =~ /^([^@]+)@(\S+)$/) ? $1.'@'.lc($2) : lc($r);
                        };
                        $ratetype .= "=".$r;
 			if ( $postfwd_settings{rate}{fast_eval} ) {
 				# Check if rate already exists in cache
@ -2109,12 +2077,6 @@ sub postfwd_items {
 	"size"	=> sub { return &{$postfwd_actions{rate}}(@_); },
 	# rcpt() command
 	"rcpt"	=> sub { return &{$postfwd_actions{rate}}(@_); },
 	# rate() command, according to rfc5321 case-sensivity
 	"rate5321"      => sub { return &{$postfwd_actions{rate}}(@_); },
 	# rcpt() command, according to rfc5321 case-sensivity
 	"rcpt5321"      => sub { return &{$postfwd_actions{rate}}(@_); },
 	# size() command, according to rfc5321 case-sensivity
 	"size5321"      => sub { return &{$postfwd_actions{rate}}(@_); },
 	# wait() command
 	"wait"	=> sub {
 		my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
@ -2244,7 +2206,7 @@ sub compare_item {
    # now compare request to every single item
    ITEM: foreach (@items) {
 	($cmp, $val) = split ";";
-	next ITEM unless ($cmp and (defined $val) and $mykey);
+	next ITEM unless ($cmp and $val and $mykey);
 	# prepare_file
 	if ($val =~ /$COMP_LIVE_FILE_TABLE/) {
 		push @items, prepare_file (0, $1, $cmp, $2);
@ -2253,7 +2215,7 @@ sub compare_item {
 	log_info ("compare $mykey:  \"$myitem\"  \"$cmp\"  \"$val\"") if wantsdebug (qw[ all thisrequest ]);
 	$val = $neg if ($neg = deneg_item($val));
 	log_info ("deneg $mykey:  \"$myitem\"  \"$cmp\"  \"$val\"") if ($neg and wantsdebug (qw[ all thisrequest ]));
-	next ITEM unless (defined $val);
+	next ITEM unless $val;
 	# substitute check for $$vars in rule item
 	if ( $var = devar_item ($cmp,$val,$myitem,%request) ) {
 		$val = $var; $val =~ s/([^-_@\.\w\s])/\\$1/g unless ($cmp eq '==');
@ -2326,7 +2288,7 @@ sub compare_rule {
 			? $date
 			# default: compare against request attribute
 			: $request{$mykey};
-		$myresult[0] = ($res = compare_item($mykey, $Rules[$index]{$mykey}, $num, ((defined $val) ? $val : ''), %request)) ? ($myresult[0] + $res) : 0;
+		$myresult[0] = ($res = compare_item($mykey, $Rules[$index]{$mykey}, $num, ($val || ''), %request)) ? ($myresult[0] + $res) : 0;
 	};
 	last ITEM unless ($myresult[0] > 0);
    };
@ -2531,7 +2493,7 @@ sub compare_rule {
 	$myline  = "[RULES]  RULE: ".$index."  MATCHES: ".((($myresult[0] - 2) > 0) ? ($myresult[0] - 2) : 0);
 	$myline .= "  RBLCOUNT: ".$myresult[1] if $myresult[1];
 	$myline .= "  RHSBLCOUNT: ".$myresult[2] if $myresult[2];
-	$myline .= "  DNSBLTEXT: ".(join ("; ", @DNSBL_Text)) if ( (@DNSBL_Text) and (($myresult[1] > 0) or ($myresult[2] > 0)) );
+	$myline .= "  DNSBLTEXT: ".(join ("; ", @DNSBL_Text)) if ( (defined @DNSBL_Text) and (($myresult[1] > 0) or ($myresult[2] > 0)) );
 	log_info ($myline);
    };
    return @myresult;
@ -2587,7 +2549,7 @@ sub smtpd_access_policy {
    # increase rate limits
    if (@Rate_Items and $postfwd_settings{rate}{fast_eval}) {
-	map { $checkval .= $_."=".lc($request{$_}).$postfwd_settings{seplst} if $request{$_} } (@Rate_Items);
+	map { $checkval .= $_."=".$request{$_}.$postfwd_settings{seplst} if $request{$_} } (@Rate_Items);
 	if ($checkval) {
 		$checkval = "CMD=".$postfwd_commands{checkrate}.";TYPE=rate;ITEM=$checkval;SIZE=".($request{'size'} || 0).";RCPT=".($request{'recipient_count'} || 0);
 			log_info ("[RATES] parent rate limit query: ".$checkval) if wantsdebug (qw[ all thisrequest verbose rates ]);
@ -2784,7 +2746,6 @@ sub smtpd_access_policy {
 					. ", state=".$request{protocol_state};
 				# check for postfwd action
 				$ai = 0; # (re)set max_command_recursion counter
 				while ($ai++ < $postfwd_settings{max_command_recursion} and $myaction =~ /^(\w[\-\w]+)\s*\(\s*(.*?)\s*\)$/) {
 					my($mycmd,$myarg) = ($1, $2); $stop = 0;
 					if (defined $postfwd_actions{$mycmd}) {
@ -3238,7 +3199,6 @@ log_note ("NODNS: set - will skip all dns based checks") if $postfwd_settings{dn
 # check for --nodaemon option
 unless ($postfwd_settings{daemon}) {
 	log_note ("NODAEMON: Please note that rate() commands do not work with postfwd2 and --nodaemon option due to the missing cache daemon");
 	my(%attr) = ();
 	get_plugins (@{$postfwd_settings{Plugins}}) if $postfwd_settings{Plugins};
 	read_config(1);
@ -3320,8 +3280,7 @@ die "master-daemon: should never see me!\n";
 # cleanup children and files and terminate
 sub end_program {
-	# ignore further TERM signals
+	local $SIG{TERM} = 'IGNORE';
 	$SIG{TERM} = 'IGNORE';
 	if ($postfwd_settings{summary}) {
 		undef $postfwd_settings{syslog}{noidlestats};
 		log_stats();
@ -3486,8 +3445,6 @@ B<postfwd2> [OPTIONS] [SOURCE1, SOURCE2, ...]
            --keep_rates		do not clear rate limit counters on reload
            --save_rates <file>		save and load rate limits on disk
 	    --fast_limit_evaluation	evaluate rate limits before ruleset is parsed
                                        (please note the limitations)
 	Plugins:
 	    --plugins <file>            loads postfwd plugins from file
@ -3570,8 +3527,6 @@ The way how request items are compared to the ruleset can be influenced in the f
 	 ITEM == VALUE                true if ITEM equals VALUE
 	 ITEM => VALUE                true if ITEM >= VALUE
 	 ITEM =< VALUE                true if ITEM <= VALUE
 	 ITEM >  VALUE                true if ITEM >  VALUE
 	 ITEM <  VALUE                true if ITEM <  VALUE
 	 ITEM =~ VALUE                true if ITEM ~= /^VALUE$/i
 	 ITEM != VALUE                false if ITEM equals VALUE
 	 ITEM !> VALUE                false if ITEM >= VALUE
@ -3882,7 +3837,7 @@ Files can refer to other files. The following is valid.
 	-- FILE /etc/postfwd/clients_west.cf --
 	192.168.3.0/24
-Note that there is currently no loop detection (/a/file calls /a/file) and that this feature is only available
+Remind that there is currently no loop detection (/a/file calls /a/file) and that this feature is only available
 with postfwd1 v1.15 and postfwd2 v0.18 and higher.
@ -3941,7 +3896,7 @@ postfwd2 actions control the behaviour of the program. Currently you can specify
 	this command creates a counter for the given <item>, which will be increased any time a request
 	containing it arrives. if it exceeds <max> within <time> seconds it will return <action> to postfix.
 	rate counters are very fast as they are executed before the ruleset is parsed.
-	please note that <action> was limited to postfix actions (no postfwd actions) for postfwd versions <1.33!
+	please note that <action> is currently limited to postfix actions (no postfwd actions)!
 	    # no more than 3 requests per 5 minutes
 	    # from the same "unknown" client
 	    id=RATE01 ;  client_name==unknown
@ -3964,11 +3919,6 @@ postfwd2 actions control the behaviour of the program. Currently you can specify
 	   id=RCPT01 ;  protocol_state==END-OF-MESSAGE ;  client_address==!!(10.1.1.1)
 	      action=rcpt(client_address/3/3600/450 4.7.1 sorry, max 3 recipients per hour)
        rate5321,size5321,rcpt5321 (<item>/<max>/<time>/<action>)
        same as the corresponding non-5321 functions, with the difference that the localpart of
        sender oder recipient addresses are evaluated case-sensitive according to rfc5321. That
 	means that requests from bob@example.local and BoB@example.local will be treated differently
 	ask (<addr>:<port>[:<ignore>])
 	allows to delegate the policy decision to another policy service (e.g. postgrey). the first
 	and the second argument (address and port) are mandatory. a third optional argument may be
@ -3980,16 +3930,10 @@ postfwd2 actions control the behaviour of the program. Currently you can specify
 	   id=GREY; client_address==10.1.1.1; action=ask(127.0.0.1:10031:^dunno$)
        mail(server/helo/from/to/subject/body)
 	This command is deprecated. You should try to use the sendmail() action instead.
        Very basic mail command, that sends a message with the given arguments. LIMITATIONS:
        This basically performs a telnet. No authentication or TLS are available. Additionally it does
        not track notification state and will notify you any time, the corresponding rule hits.
 	sendmail(sendmail-path::from::to::subject::body)
 	Mail command, that uses an existing sendmail binary and sends a message with the given arguments.
 	LIMITATIONS: The command does not track notification state and will notify you any time, the
 	corresponding rule hits (which could mean 100 mails for a mail with 100 recipients at RCPT stage).
 	wait (<delay>)
 	pauses the program execution for <delay> seconds. use this for
 	delaying or throtteling connections.
@ -4147,10 +4091,6 @@ will be used.
 					$myresult = ($myitem <= $val);
 				} elsif ($cmp eq '=>') {
 					$myresult = ($myitem >= $val);
 				} elsif ($cmp eq '<') {
 					$myresult = ($myitem < $val);
 				} elsif ($cmp eq '>') {
 					$myresult = ($myitem > $val);
 				} elsif ($cmp eq '!=') {
 					$myresult = not($myitem == $val);
 				} elsif ($cmp eq '!<') {
@ -4182,15 +4122,15 @@ continue or to stop parsing the ruleset.
 			# note(<logstring>) command
 			"note"  => sub {
 				my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-				my($myaction) = 'dunno'; my($stop) = 0;
+				my($myaction) = $default_action; my($stop) = 0;
-				log_info "[RULES] ".$myline." - note: ".$myarg if $myarg;
+				mylogs 'info', "[RULES] ".$myline." - note: ".$myarg if $myarg;
 				return ($stop,$index,$myaction,$myline,%request);
 			},
 			# skips next <myarg> rules
        		"skip" => sub {
 				my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-				my($myaction) = 'dunno'; my($stop) = 0;
+				my($myaction) = $default_action; my($stop) = 0;
 				$index += $myarg if ( $myarg and not(($index + $myarg) > $#Rules) );
 				return ($stop,$index,$myaction,$myline,%request);
        		},
@ -4198,8 +4138,8 @@ continue or to stop parsing the ruleset.
 			# dumps current request contents to syslog
        		"dumprequest" => sub {
 				my($index,$now,$mycmd,$myarg,$myline,%request) = @_;
-				my($myaction) = 'dunno'; my($stop) = 0;
+				my($myaction) = $default_action; my($stop) = 0;
-				map { log_info "[DUMP] rule=$index, Attribute: $_=$request{$_}" } (keys %request);
+				map { mylogs 'info', "[DUMP] rule=$index, Attribute: $_=$request{$_}" } (keys %request);
 				return ($stop,$index,$myaction,$myline,%request);
        		},
@ -4442,9 +4382,6 @@ These parameters influence the way postfwd2 is working. Any of them can be combi
 	before consulting the ruleset. This mode was the default behaviour until v1.30.
 	With this mode rate limits will be faster, but also eventually set up
 	whitelisting-rules within the ruleset might not work as expected.
        LIMITATIONS: This option does not allow nested postfwd commands like
                action=rate(sender/3/60/wait(3))
        This option doe not work with the strict-rfc5321 rate() functions.
 I<Informational arguments>
		`@ -1,2 +0,0 @@`
			`10_fix_wording_manpages.patch`
			`20_fix_postfwd1_default_umask.patch`
		`@ -1,2 +0,0 @@`
			`debian/tmp/postfwd1.8`
			`man/man8/postfwd2.8`
		`@ -1 +0,0 @@`
			`extend-diff-ignore = '(^\|/)(\.travis\.yml\|\.git\|\.github\|\.gitgnore\|config\.sub\|config\.guess)'`
		`@ -1,2 +0,0 @@`
			`version=4`
			`https://postfwd.org postfwd-(.*)\.tar\.gz`